|
371
|
- |
|
-
|
-
|
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags.
DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sour…
New
|
CWE-93
CWE-150
CRLF Injection
Improper Neutralization of Escape, Meta, or Control Sequences
|
CVE-2026-11362
|
2026-06-6 02:04 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
372
|
6.5 |
MEDIUM
Network
|
-
|
-
|
7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an An uninitialized memory disclosure vulnerability in the UEFI capsule (.scap) parser in 7-Zip. The OpenCa…
New
|
CWE-908
Use of Uninitialized Resource
|
CVE-2026-48101
|
2026-06-6 02:04 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
373
|
3.1 |
LOW
Network
|
-
|
-
|
7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parse…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-48102
|
2026-06-6 02:04 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
374
|
- |
|
-
|
-
|
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections.
DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources.
The send_s…
New
|
CWE-93
CWE-150
CRLF Injection
Improper Neutralization of Escape, Meta, or Control Sequences
|
CVE-2026-9270
|
2026-06-6 02:04 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
375
|
5.5 |
MEDIUM
Local
|
linaro
|
op-tee
|
OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.3.0 and prior t…
New
|
CWE-843
Type Confusion
|
CVE-2026-45702
|
2026-06-6 01:56 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
376
|
7.5 |
HIGH
Network
|
microsoft
|
exchange_online
|
Improper authorization in Microsoft Exchange Online allows an unauthorized attacker to disclose information over a network.
New
|
CWE-285
Improper Authorization
|
CVE-2026-48579
|
2026-06-6 01:51 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
377
|
8.8 |
HIGH
Network
|
dlink
|
dwr-m920_firmware
|
A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub_41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument action_value results in…
New
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-10878
|
2026-06-6 01:48 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
378
|
3.1 |
LOW
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-11244
|
2026-06-6 01:43 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
379
|
5.4 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
New
|
CWE-346
Origin Validation Error
|
CVE-2026-11243
|
2026-06-6 01:43 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
380
|
9.8 |
CRITICAL
Network
|
microsoft
|
azure_horizondb
|
Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate privileges over a network.
New
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2026-48567
|
2026-06-6 01:30 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
