|
911
|
8.8 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in Totolink N300RH 3.2.4-B20220812. This affects the function setWanConfig of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manip…
New
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2026-7749
|
2026-05-5 00:17 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
912
|
8.8 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in Totolink N300RH 3.2.4-B20220812. This vulnerability affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The …
New
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2026-7750
|
2026-05-5 00:17 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
913
|
6.5 |
MEDIUM
Network
|
vmware
|
spring_framework
|
A WebFlux server application that processes multipart requests creates temp files for parts larger than 10 K. Under some circumstances, temp files may remain not deleted after the request is fully pr…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-22740
|
2026-05-4 23:51 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
914
|
3.1 |
LOW
Network
|
vmware
|
spring_framework
|
Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources.
More precisely, an application can be vulnerable when all the following are true:
* the ap…
|
CWE-524
Use of Cache Containing Sensitive Information
|
CVE-2026-22741
|
2026-05-4 23:51 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
915
|
5.3 |
MEDIUM
Network
|
vmware
|
spring_framework
|
Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resources.
More precisely, an application can be vulnerable when all the following are true:
…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-22745
|
2026-05-4 23:50 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
916
|
9.8 |
CRITICAL
Network
|
nvidia
|
nvflare
|
NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key. A succ…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-24178
|
2026-05-4 23:34 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
917
|
8.8 |
HIGH
Network
|
nvidia
|
nvflare
|
NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sending a malicious FOBS- encoded message. A successful exploit of this vulnerabil…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-24186
|
2026-05-4 23:33 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
918
|
6.5 |
MEDIUM
Network
|
nvidia
|
nvflare
|
NVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Improper Input Validation by path traversing. A successful exploit of this vulnerability may lead to information disclosure.
|
CWE-20
Improper Input Validation
|
CVE-2026-24204
|
2026-05-4 23:33 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
919
|
8.6 |
HIGH
Network
|
nvidia
|
nemoclaw
|
NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that cause…
|
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
|
CVE-2026-24222
|
2026-05-4 23:31 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
920
|
6.3 |
MEDIUM
Local
|
nvidia
|
nemoclaw
|
NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl() SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL refere…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-24231
|
2026-05-4 23:30 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
