|
1341
|
- |
|
-
|
-
|
Improper Handling of Case Sensitivity vulnerability in LockOutRealm in Apache Tomcat.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 …
New
|
CWE-178
Improper Handling of Case Sensitivity
|
CVE-2026-43513
|
2026-05-13 03:17 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1342
|
- |
|
-
|
-
|
DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, fr…
New
|
CWE-592
DEPRECATED: Authentication Bypass Issues
|
CVE-2026-43512
|
2026-05-13 03:17 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1343
|
- |
|
-
|
-
|
Improper Input Validation vulnerability in Apache Tomcat.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 10.0.0…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-41293
|
2026-05-13 03:17 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1344
|
7.3 |
HIGH
Network
|
-
|
-
|
CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e (2025-30-21) contains an insecure deserialization vulnerability (CWE-502) in its make_parquet_list.py data processing tool. The script l…
Update
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-31249
|
2026-05-13 03:16 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1345
|
7.5 |
HIGH
Network
|
-
|
-
|
docuFORM Managed Print Service Client 11.11c is vulnerable to a directory traversal allowing attackers to read arbitrary files via crafted url.
Update
|
CWE-22
Path Traversal
|
CVE-2025-65418
|
2026-05-13 03:16 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1346
|
5.5 |
MEDIUM
Local
|
python
|
pillow
|
Pillow is a Python imaging library. From version 11.2.1 to before version 12.2.0, passing nested lists as coordinates to APIs that accept coordinates such as ImagePath.Path, ImageDraw.ImageDraw.polyg…
Update
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-42309
|
2026-05-13 02:57 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1347
|
5.5 |
MEDIUM
Local
|
python
|
pillow
|
Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer…
Update
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-42308
|
2026-05-13 02:57 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1348
|
5.5 |
MEDIUM
Local
|
python
|
pillow
|
Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the…
Update
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2026-42310
|
2026-05-13 02:55 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1349
|
4.7 |
MEDIUM
Local
|
apple
|
ipados
iphone_os
macos
visionos
|
A race condition was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, …
New
|
CWE-362
Race Condition
|
CVE-2026-43659
|
2026-05-13 02:51 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1350
|
7.5 |
HIGH
Network
|
apple
|
ipados
iphone_os
macos
tvos
watchos
|
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. Processing a maliciously crafted image…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-43661
|
2026-05-13 02:51 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
