|
5441
|
7.8 |
HIGH
Local
|
-
|
-
|
MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability
|
CWE-823
Use of Out-of-range Pointer Offset
|
CVE-2026-28764
|
2026-05-22 00:05 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5442
|
7.5 |
HIGH
Network
|
-
|
-
|
In Splunk Enterprise versions below 10.2.2 and 10.0.5, and Splunk Cloud Platform versions below 10.3.2512.8, 10.2.2510.11, 10.1.2507.21, and 10.0.2503.13, a user with a role that has access to the `_…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2026-20239
|
2026-05-22 00:00 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5443
|
6.5 |
MEDIUM
Network
|
-
|
-
|
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.11, and 9.3.12, and Splunk Cloud Platform versions below 10.4.2603.1, 10.3.2512.9, 10.2.2510.11, 10.1.2507.21, 10.0.2503.13, and 9.3.2411.129, …
|
CWE-20
Improper Input Validation
|
CVE-2026-20240
|
2026-05-22 00:00 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5444
|
7.1 |
HIGH
Local
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
ptrace: slightly saner 'get_dumpable()' logic
The 'dumpability' of a task is fundamentally about the memory image of
the task - t…
|
CWE-269
Improper Privilege Management
|
CVE-2026-46333
|
2026-05-21 23:16 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5445
|
8.8 |
HIGH
Network
|
struktur
|
libheif
|
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow (write) vulnerability in the grid tile compositing, allowing an attacker to write …
|
CWE-787
Out-of-bounds Write
|
CVE-2026-32740
|
2026-05-21 23:16 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5446
|
9.1 |
CRITICAL
Network
|
eclipse
|
glassfish
|
An authenticated Remote Code Execution (RCE) vulnerability was identified in GlassFish's Administration Console. A user with access to the panel can send crafted requests that allow the execution of …
|
CWE-94
CWE-917
Code Injection
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
|
CVE-2026-2586
|
2026-05-21 22:18 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5447
|
9.6 |
CRITICAL
Network
|
eclipse
|
glassfish
|
A critical Remote Code Execution (RCE) vulnerability was identified in the server-side template rendering mechanism used by the Glassfish gadget handler. The application processes .xml files and eval…
|
CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
|
CVE-2026-2587
|
2026-05-21 22:18 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5448
|
7.5 |
HIGH
Network
|
nvidia
|
tensorrt_llm
|
NVIDIA TRT-LLM for any platform contains a vulnerability where an attacker could cause an unchecked return value to a null pointer dereference. A successful exploit of this vulnerability might lead …
|
CWE-690
Unchecked Return Value to NULL Pointer Dereference
|
CVE-2026-24160
|
2026-05-21 22:09 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5449
|
9.8 |
CRITICAL
Network
|
nvidia
|
tensorrt_llm
|
NVIDIA TRT-LLM for any platform contains a vulnerability in MPI server, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code executio…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2025-33255
|
2026-05-21 09:06 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5450
|
9.8 |
CRITICAL
Network
|
nvidia
|
tensorrt_llm
|
NVIDIA TRT-LLM for any platform contains a deserialization vulnerability and unsafe serialized handle. A successful exploit of this vulnerability might lead to code execution, data tampering, and i…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-24142
|
2026-05-21 09:04 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
