|
2101
|
8.8 |
HIGH
Network
|
-
|
-
|
Dell OpenManage Integration with Microsoft Windows Admin Center contains a Remote Code Execution vulnerability in the gateway plugin. A remote authenticated user could potentially exploit this vulner…
|
CWE-77
Command Injection
|
CVE-2024-24909
|
2026-06-17 02:34 |
2026-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2102
|
5.4 |
MEDIUM
Network
|
-
|
-
|
PowerStore contains a Stored Cross-Site Scripting Vulnerability in the PowerStore Manager. A remote authenticated low-privileged malicious actor could potentially exploit this vulnerability, it could…
|
CWE-79
Cross-site Scripting
|
CVE-2024-30476
|
2026-06-17 02:34 |
2026-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2103
|
7.0 |
HIGH
Local
|
-
|
-
|
api-gateway container running with root privilege would allow an attacker to escape the container and access host system to perform unintended actions.
|
CWE-269
Improper Privilege Management
|
CVE-2024-38487
|
2026-06-17 02:34 |
2026-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2104
|
6.5 |
MEDIUM
Network
|
gpac
|
gpac
|
GPAC MP4Box v2.4 was discovered to contain a floating point exception in the avidmx_process function (isomedia/isom_write.c).
|
CWE-369
Divide By Zero
|
CVE-2025-55642
|
2026-06-17 02:34 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2105
|
5.5 |
MEDIUM
Local
|
gpac
|
gpac
|
A NULL pointer dereference in the gf_isom_copy_sample_info function (isomedia/isom_write.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-55641
|
2026-06-17 02:28 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2106
|
4.3 |
MEDIUM
Network
|
webpack.js
|
webpack-dev-server
|
Impact: When a user-configured proxy on webpack-dev-server has a broad context (e.g. /) and ws: true, it also intercepts the dev server's own HMR WebSocket and forwards it to the proxy target. This l…
|
CWE-346
CWE-441
Origin Validation Error
Confused Deputy
|
CVE-2026-9595
|
2026-06-17 02:24 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2107
|
6.5 |
MEDIUM
Network
|
mattermost
|
mattermost_desktop
|
Mattermost Desktop App versions <=6.1 5.5.13.0 fail to account for attempting to open extremely long URLs in the Mattermost Desktop App which allows a malicious server owner to crash the application …
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-8683
|
2026-06-17 02:18 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2108
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Firefox for iOS used partial domain matching when attaching cookies to PDF requests, allowing a malicious site on a suffix domain to receive cookies belonging to the target site. This vulnerability w…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2026-53899
|
2026-06-17 02:16 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2109
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Bernd Bestel grocy v4.6.0 was discovered to contain a SQL injection vulnerability in the product-group parameter at /stockreports/spendings. This vulnerability allows attackers to access sensitive da…
|
CWE-89
SQL Injection
|
CVE-2026-50890
|
2026-06-17 02:16 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2110
|
7.5 |
HIGH
Network
|
-
|
-
|
An input handling flaw in the HTTP refresh token process of LLDAP v0.6.2 allows attackers to cause a Denial of Service (DoS) via sending a crafted refresh-token header.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-50889
|
2026-06-17 02:16 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
