|
5361
|
5.3 |
MEDIUM
Network
|
opentelemetry
|
opentelemetry
opentelemetry.api
opentelemetry.extensions.propagators
|
OpenTelemetry dotnet is a dotnet telemetry framework. In OpenTelemetry.Api 0.5.0-beta.2 to 1.15.2 and OpenTelemetry.Extensions.Propagators 1.3.1 to 1.15.2, The implementation details of the baggage, …
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2026-40894
|
2026-04-29 04:34 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5362
|
7.5 |
HIGH
Network
|
senselive
|
x3500_firmware
|
A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of deployed units through the vendor’s management protocol, enabling identification of device presence, iden…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-35064
|
2026-04-29 04:33 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5363
|
9.8 |
CRITICAL
Network
|
senselive
|
x3500_firmware
|
A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded values within browser-executed scripts rath…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2026-35503
|
2026-04-29 04:33 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5364
|
5.3 |
MEDIUM
Network
|
senselive
|
x3500_firmware
|
A vulnerability exists in SenseLive X3050’s web management interface due to its reliance on unencrypted HTTP for all administrative communication. Because management traffic, including authentication…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2026-40431
|
2026-04-29 04:33 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5365
|
9.8 |
CRITICAL
Network
|
senselive
|
x3500_firmware
|
A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config appli…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-40620
|
2026-04-29 04:32 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5366
|
9.1 |
CRITICAL
Network
|
senselive
|
x3500_firmware
|
A vulnerability exists in SenseLive X3050's web management interface that allows critical configuration parameters to be modified without sufficient authentication or server-side validation. By apply…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-27843
|
2026-04-29 04:32 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5367
|
8.1 |
HIGH
Network
|
senselive
|
x3500_firmware
|
A vulnerability in SenseLive X3050's web management interface allows state-changing operations to be triggered without proper Cross-Site Request Forgery (CSRF) protections. Because the application do…
|
CWE-352
Origin Validation Error
|
CVE-2026-27841
|
2026-04-29 04:32 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5368
|
5.4 |
MEDIUM
Network
|
senselive
|
x3500_firmware
|
A vulnerability exists in SenseLive
X3050’s web management interface due to improper session lifetime enforcement, allowing authenticated sessions to remain active for extended periods without requi…
|
CWE-613
Insufficient Session Expiration
|
CVE-2026-25720
|
2026-04-29 04:31 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5369
|
5.9 |
MEDIUM
Network
|
opentelemetry
|
opentelemetry
|
OpenTelemetry dotnet is a dotnet telemetry framework. In 1.6.0-rc.1 and earlier, OpenTelemetry.Exporter.Jaeger may allow sustained memory pressure when the internal pooled-list sizing grows based on …
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-41078
|
2026-04-29 04:24 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5370
|
7.5 |
HIGH
Network
|
sqlalchemy
|
mako
|
Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal when a URI starts with // (e.g., //../../../secret.txt). The root cause is…
|
CWE-22
Path Traversal
|
CVE-2026-41205
|
2026-04-29 04:14 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
