|
781
|
- |
|
-
|
-
|
tarfile.data_filter could be bypassed using crafted link entries, including symlinks with empty or directory-like names, to redirect later archive members outside the intended extraction directory. T…
Update
|
CWE-22
Path Traversal
|
CVE-2026-7774
|
2026-06-11 04:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
782
|
- |
|
-
|
-
|
Unauthenticated users on the local network can cause the router to become unavailable by sending specially crafted requests.
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2026-3088
|
2026-06-11 04:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
783
|
7.5 |
HIGH
Network
|
-
|
-
|
Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a buffer overflow in the IPMacBindIndex parameter of the formIPMacBindDel function. This vulnerability allows attacker…
New
|
CWE-120
Classic Buffer Overflow
|
CVE-2026-36800
|
2026-06-11 04:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
784
|
7.5 |
HIGH
Network
|
-
|
-
|
Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.3(2204) was discovered to contain a stack overflow in the wl_radio parameter of the formWifiRadioSet function. This vulnerability al…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-36792
|
2026-06-11 04:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
785
|
7.5 |
HIGH
Network
|
-
|
-
|
Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180) was discovered to contain a stack overflow in the ip parameter of the fromNetToolGet function. This vulnerability allows att…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-36784
|
2026-06-11 04:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
786
|
7.5 |
HIGH
Network
|
-
|
-
|
Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180) was discovered to contain multiple stack overflows in the fromVirtualSer function via the puVar2, puVar1, __s2, __s1_00, and…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-36779
|
2026-06-11 04:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
787
|
9.1 |
CRITICAL
Network
|
-
|
-
|
An insecure authentication vulnerability in the /api/social-sign-in endpoint of bookcars v8.3 allows attackers to bypass authentication via a forged JWT token.
New
|
CWE-287
Improper Authentication
|
CVE-2026-36727
|
2026-06-11 04:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
788
|
5.4 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in TabGroups in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. (Chromium security severity: Low)
Update
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-11232
|
2026-06-11 04:11 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
789
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
Update
|
CWE-416
Use After Free
|
CVE-2026-11230
|
2026-06-11 04:09 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
790
|
6.1 |
MEDIUM
Physics
|
google
|
chrome
|
Inappropriate implementation in Enterprise in Google Chrome prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via physical access to the device. (Chromium security sever…
Update
|
CWE-269
Improper Privilege Management
|
CVE-2026-11229
|
2026-06-11 04:09 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
