|
1011
|
4.8 |
MEDIUM
Adjacent
|
-
|
-
|
A vulnerability in which an attacker can provide a crafted external URL that may redirect a user to an unintended website.
New
|
CWE-601
Open Redirect
|
CVE-2026-28301
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1012
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Deserialization of untrusted data in Nuance PowerScribe allows an unauthorized attacker to execute code over a network.
New
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-26142
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1013
|
7.3 |
HIGH
Local
|
-
|
-
|
NVIDIA DALI contains a vulnerability in a component where an attacker could cause an improper index validation. A successful exploit of this vulnerability might lead to code execution, data tampering…
New
|
CWE-129
Improper Validation of Array Index
|
CVE-2026-24181
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1014
|
7.3 |
HIGH
Local
|
-
|
-
|
NVIDIA DALI contains a vulnerability in a component where an attacker could cause a heap-based buffer overflow. A successful exploit of this vulnerability might lead to code execution, data tampering…
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-24180
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1015
|
8.1 |
HIGH
Network
|
-
|
-
|
Waves Central for macOS versions 13.0.9 through 16.5.5 contain a local privilege escalation vulnerability in the privileged helper service. The helper validates connecting XPC clients using the clien…
New
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-24065
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1016
|
7.8 |
HIGH
Local
|
-
|
-
|
Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability.
New
|
CWE-22
Path Traversal
|
CVE-2026-22926
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1017
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in imvks786 student_management_system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. This impacts an unknown function of the file admin/admin_login.php of the com…
Update
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11531
|
2026-06-10 02:17 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1018
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in TOTOLINK AC1200 T8 4.1.5cu.8611. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation leads to least p…
Update
|
CWE-266
CWE-272
Incorrect Privilege Assignment
Least Privilege Violation
|
CVE-2026-11494
|
2026-06-10 02:17 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1019
|
- |
|
-
|
-
|
Two endpoints in the Vault Service ScriptsController, shared by Altium Enterprise Server and Altium 365, accept file uploads where a user-supplied filename component is used to construct the destinat…
Update
|
CWE-22
CWE-306
Path Traversal
Missing Authentication for Critical Function
|
CVE-2026-11429
|
2026-06-10 02:17 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1020
|
8.8 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impacted element is the function set_macfilter of the file /sbin/jdcweb_rpc. The manipulation leads to stac…
Update
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-11413
|
2026-06-10 02:17 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
