|
3501
|
6.5 |
MEDIUM
Network
|
devolutions
|
devolutions_server
|
Improper
access control in the vault documentation feature in Devolutions
Server allows an authenticated attacker to read documentation content
from unauthorized vaults via a crafted API request.
…
|
CWE-862
Missing Authorization
|
CVE-2026-6706
|
2026-05-4 22:37 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3502
|
6.5 |
MEDIUM
Adjacent
|
amazon
|
freertos-plus-tcp
|
Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service (device crash) when outgoing pi…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2026-7423
|
2026-05-4 22:35 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3503
|
8.1 |
HIGH
Adjacent
|
amazon
|
freertos-plus-tcp
|
Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, an…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2026-7424
|
2026-05-4 22:22 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3504
|
6.5 |
MEDIUM
Adjacent
|
amazon
|
freertos-plus-tcp
|
Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-7425
|
2026-05-4 22:12 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3505
|
8.1 |
HIGH
Adjacent
|
amazon
|
freertos-plus-tcp
|
Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-7426
|
2026-05-4 22:12 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3506
|
9.1 |
CRITICAL
Network
|
rti
|
connext_professional
|
Improper Restriction of XML External Entity Reference vulnerability in Connext Professional (Core Libraries) allows Serialized Data External Linking.This issue affects Connext Professional: from 7.4.…
|
CWE-611
XXE
|
CVE-2025-14543
|
2026-05-4 22:02 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3507
|
3.7 |
LOW
Network
|
-
|
-
|
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a lo…
|
CWE-179
Incorrect Behavior Order: Early Validation
|
CVE-2026-3832
|
2026-05-4 05:16 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3508
|
7.1 |
HIGH
Local
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
io_uring/rsrc: reject zero-length fixed buffer import
validate_fixed_range() admits buf_addr at the exact end of the
registered r…
|
-
|
CVE-2026-43006
|
2026-05-3 16:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3509
|
7.8 |
HIGH
Local
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
perf/x86: Fix potential bad container_of in intel_pmu_hw_config
Auto counter reload may have a group of events with software even…
|
-
|
CVE-2026-31782
|
2026-05-3 16:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3510
|
7.8 |
HIGH
Local
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: wilc1000: fix u8 overflow in SSID scan buffer size calculation
The variable valuesize is declared as u8 but accumulates the…
|
-
|
CVE-2026-31780
|
2026-05-3 16:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
