|
3221
|
9.8 |
CRITICAL
Network
|
-
|
-
|
The
iSherlock developed by HGiga has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server.
|
CWE-78
OS Command
|
CVE-2026-6349
|
2026-04-24 17:16 |
2026-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3222
|
9.8 |
CRITICAL
Network
|
-
|
-
|
In Totara LMS v19.1.5 and before, the forgot password API does not implement rate limiting for the target email address. which can be used for an Email Bombing attack. NOTE: the Supplier's position i…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-31283
|
2026-04-24 17:16 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3223
|
- |
|
-
|
-
|
Improper Resource Shutdown or Release vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP versions 1.000 and prior allows a remote attacker to cause…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-1875
|
2026-04-24 17:16 |
2026-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3224
|
- |
|
-
|
-
|
Vulnerabilidad de cierre o liberación inadecuados de recursos en Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-EIP EtherNet/IP Module FX5-EIP todas las versiones permite a un atacante remoto…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-1875
|
2026-04-24 17:16 |
2026-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3225
|
- |
|
-
|
-
|
Always-Incorrect Control Flow Implementation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versions 1.106 and prior and Mitsubishi Electr…
|
CWE-670
Always-Incorrect Control Flow Implementation
|
CVE-2026-1874
|
2026-04-24 17:16 |
2026-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3226
|
- |
|
-
|
-
|
Vulnerabilidad de implementación de flujo de control siempre incorrecto en Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET/IP Ethernet Module FX5-ENET/IP versiones 1.106 y anteriores y Mi…
|
CWE-670
Always-Incorrect Control Flow Implementation
|
CVE-2026-1874
|
2026-04-24 17:16 |
2026-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3227
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Software which sets SO_REUSEPORT_LB on a socket and then connects it to a host will not directly observe any problems. However, due to its membership in a load-balancing group, that socket will rece…
|
CWE-488
Exposure of Data Element to Wrong Session
|
CVE-2025-24934
|
2026-04-24 09:16 |
2025-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3228
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
pinctrl: pinconf-generic: Fix memory leak in pinconf_generic_parse_dt_config()
In pinconf_generic_parse_dt_config(), if parse_dt_…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-23337
|
2026-04-24 06:17 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3229
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
pinctrl: pinconf-generic: Corrección de fuga de memoria en pinconf_generic_parse_dt_config()
En pinconf_generic_parse_dt_config(…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2026-23337
|
2026-04-24 06:17 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3230
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu/userq: Do not allow userspace to trivially triger kernel warnings
Userspace can either deliberately pass in the too sm…
|
NVD-CWE-noinfo
|
CVE-2026-23338
|
2026-04-24 06:17 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
