|
5891
|
7.5 |
HIGH
Network
|
-
|
-
|
Authen::TOTP versions before 0.1.1 for Perl generate secrets using rand.
Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.
|
CWE-331
Insufficient Entropy
|
CVE-2026-46473
|
2026-05-23 01:14 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5892
|
9.8 |
CRITICAL
Network
|
-
|
-
|
The BookingPress Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'bookingpress_validate_submitted_booking_form_func' function in all versio…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-6960
|
2026-05-23 00:50 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5893
|
7.8 |
HIGH
Local
|
trendmicro
|
apex_one
|
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45207 but exists in a different…
|
CWE-346
Origin Validation Error
|
CVE-2026-45206
|
2026-05-23 00:49 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5894
|
7.8 |
HIGH
Local
|
trendmicro
|
apex_one
|
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45206 but exists in a different…
|
CWE-346
Origin Validation Error
|
CVE-2026-45207
|
2026-05-23 00:48 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5895
|
7.8 |
HIGH
Local
|
trendmicro
|
apex_one
|
A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the abil…
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-45208
|
2026-05-23 00:48 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5896
|
9.8 |
CRITICAL
Network
|
trendmicro
|
apex_one
|
A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations.
Please note: although this vul…
|
CWE-22
Path Traversal
|
CVE-2025-71210
|
2026-05-23 00:15 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5897
|
9.8 |
CRITICAL
Network
|
trendmicro
|
apex_one
|
A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in …
|
CWE-22
Path Traversal
|
CVE-2025-71211
|
2026-05-23 00:13 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5898
|
7.8 |
HIGH
Local
|
trendmicro
|
apex_one
|
A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the…
|
CWE-59
Link Following
|
CVE-2025-71212
|
2026-05-23 00:08 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5899
|
7.8 |
HIGH
Local
|
trendmicro
|
apex_one
|
An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the abili…
|
CWE-346
Origin Validation Error
|
CVE-2025-71213
|
2026-05-23 00:05 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5900
|
7.5 |
HIGH
Network
|
honeywell
|
control_network_module_firmware
|
Honeywell Control
Network Module (CNM) contains
insertion of sensitive information into an unintended directory. An attacker could exploit this vulnerability through probing
system files, potentially…
|
CWE-538
File and Directory Information Exposure
|
CVE-2026-5434
|
2026-05-22 23:38 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
