|
2231
|
5.6 |
MEDIUM
Local
|
-
|
-
|
A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor. When processing specially crafted MP3 files containing ID3v2.4 tags, a missing bounds check in the `extract_p…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-1764
|
2026-06-17 00:42 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2232
|
5.6 |
MEDIUM
Local
|
-
|
-
|
A flaw was found in the `tracker-extract-mp3` component of GNOME localsearch (previously known as tracker-miners). This vulnerability, a heap buffer overflow, occurs when processing specially crafted…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-1765
|
2026-06-17 00:42 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2233
|
5.6 |
MEDIUM
Local
|
-
|
-
|
A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor, specifically within the tracker-extract-mp3 component. This heap buffer overflow vulnerability occurs when pr…
|
CWE-805
Buffer Access with Incorrect Length Value
|
CVE-2026-1766
|
2026-06-17 00:42 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2234
|
5.6 |
MEDIUM
Local
|
-
|
-
|
A flaw was found in the GNOME localsearch (previously known as tracker-miners) MP3 Extractor `tracker-extract-mp3` component. A remote attacker could exploit this heap buffer overflow vulnerability b…
|
CWE-805
Buffer Access with Incorrect Length Value
|
CVE-2026-1767
|
2026-06-17 00:42 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2235
|
6.7 |
MEDIUM
Local
|
-
|
-
|
Dell Peripheral Manager, versions prior to 1.7.3, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious dll.…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-22447
|
2026-06-17 00:42 |
2026-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2236
|
7.8 |
HIGH
Local
|
kovidgoyal
|
kitty
|
Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.3, kitty's OSC 21 (color-control) query reply reflects attacker-controlled bytes, including newlines, into the shell's input wi…
|
CWE-94
CWE-150
Code Injection
Improper Neutralization of Escape, Meta, or Control Sequences
|
CVE-2026-54057
|
2026-06-17 00:42 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2237
|
9.8 |
CRITICAL
Network
|
-
|
-
|
GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle.
GD::Image::_make_filehandle opens a filename argument wit…
|
CWE-73
CWE-78
External Control of File Name or Path
OS Command
|
CVE-2026-11526
|
2026-06-17 00:41 |
2026-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2238
|
8.6 |
HIGH
Local
|
-
|
-
|
Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open() of the -file argument in _make_filehandle.
Config::IniFiles::_make_filehandle open…
|
CWE-73
CWE-78
External Control of File Name or Path
OS Command
|
CVE-2026-11527
|
2026-06-17 00:41 |
2026-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2239
|
- |
|
-
|
-
|
Responsive FileManager's allows an unauthenticated attacker to upload files of any type and extension without restriction using dialog.php endpoint, leading to Remote Code Execution.
This project i…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-5482
|
2026-06-17 00:41 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2240
|
8.8 |
HIGH
Network
|
-
|
-
|
Due to the improper neutralization of special elements used in a name parameter a low privileged remote attacker can exploit a command injection vulnerability in the Managed Ethernet Switch, resultin…
|
CWE-78
OS Command
|
CVE-2026-5416
|
2026-06-17 00:41 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
