|
1851
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A NULL pointer dereference in GPAC MP4Box: when parsing certain truncated MP4 files, an unknown/invalid stsd entry can result in missing descriptor fields (e.g., codec/mime/profile strings). gf_media…
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-70116
|
2026-06-2 03:09 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1852
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Northern.tech Mender Client 5 before 5.0.4 allows a Cryptographic signature verification bypass.
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2025-67903
|
2026-06-2 03:09 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1853
|
3.7 |
LOW
Network
|
-
|
-
|
Northern.tech Mender Enterprise Server before 4.1.1 has Incorrect Access Control.
|
CWE-269
Improper Privilege Management
|
CVE-2026-33552
|
2026-06-2 03:09 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1854
|
3.1 |
LOW
Network
|
-
|
-
|
Northern.tech Mender Server v4.1.0, v4.0.1 and below, and fixed in v4.1.1 and v4.0.2 allows Directory Traversal.
|
CWE-22
Path Traversal
|
CVE-2026-49009
|
2026-06-2 03:09 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1855
|
7.8 |
HIGH
Local
|
-
|
-
|
Incorrect permission assignment for critical resource issue exists in ServerView Agents for Windows V11.60.04 and earlier. If this vulnerability is exploited, a local authenticated attacker who can l…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2026-27788
|
2026-06-2 03:09 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1856
|
7.8 |
HIGH
Local
|
-
|
-
|
Privilege chaining issue exists in ServerView Agents for Windows V11.60.04 and earlier. If this vulnerability is exploited, a local authenticated attacker who can log in to the server where the affec…
|
CWE-268
Privilege Chaining
|
CVE-2026-32325
|
2026-06-2 03:09 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1857
|
7.5 |
HIGH
Network
|
-
|
-
|
FlexRIC v2.0.0 crashes when an SCTP association is closed before an E2_SETUP_REQUEST is sent. The near-RT RIC assumes a mapping between SCTP association and E2 node always exists in the cleanup path …
|
CWE-617
Reachable Assertion
|
CVE-2026-37220
|
2026-06-2 03:09 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1858
|
7.5 |
HIGH
Network
|
-
|
-
|
FlexRIC v2.0.0 crashes when receiving a RIC_SUBSCRIPTION_RESPONSE with an unknown ric_id that has no corresponding pending event. The near-RT RIC uses assert() to enforce the existence of a pending e…
|
CWE-617
Reachable Assertion
|
CVE-2026-37221
|
2026-06-2 03:09 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1859
|
- |
|
-
|
-
|
FlexRIC v2.0.0 uses hardcoded assertions to validate Information Element (IE) counts in decoded E2AP messages. A remote unauthenticated attacker can send a valid E2AP PDU containing an unexpected num…
|
-
|
CVE-2026-37222
|
2026-06-2 03:09 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1860
|
- |
|
-
|
-
|
FlexRIC v2.0.0 contains a reachable assertion in the iApp message dispatcher. The dispatcher validates incoming E2AP messages against a 9-entry whitelist using assert(). A remote unauthenticated atta…
|
-
|
CVE-2026-37223
|
2026-06-2 03:09 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
