|
781
|
5.9 |
MEDIUM
Local
|
libexpat_project
|
libexpat
|
libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_GetBuffer, XML_Parse, XML_ParseBuffer, XML_ParserFree, or XML_ParserReset from within handlers in cases of a policy violation.…
New
|
CWE-416
Use After Free
|
CVE-2026-50219
|
2026-06-5 03:39 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
782
|
7.5 |
HIGH
Network
|
solarwinds
|
web_help_desk
|
SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when exploited, could cause the Web Help Desk server to crash due to insufficient memory.
Update
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-28299
|
2026-06-5 03:39 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
783
|
4.3 |
MEDIUM
Network
|
hcltech
|
icontrol
|
HCL iControl was affected by Weak Input Validation vulnerability. This weakness is caused during implementation of an architectural security tactic. Received input that is expected to be of a certain…
New
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2025-52606
|
2026-06-5 03:38 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
784
|
4.3 |
MEDIUM
Network
|
hcltech
|
icontrol
|
HCL iControl was affected by Missing Cookie Attributes vulnerability. It was observed that the application is missing several critical cookie attributes, including Secure and SameSite. And also path…
New
|
CWE-614
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
|
CVE-2025-52608
|
2026-06-5 03:38 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
785
|
4.3 |
MEDIUM
Network
|
mozilla
|
firefox
|
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3.
Update
|
CWE-843
Type Confusion
|
CVE-2026-10702
|
2026-06-5 03:38 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
786
|
5.3 |
MEDIUM
Network
|
openquantumsafe
|
liboqs
|
liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT …
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2026-46344
|
2026-06-5 03:38 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
787
|
5.3 |
MEDIUM
Network
|
openquantumsafe
|
liboqs
|
liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT …
Update
|
CWE-20
CWE-125
Improper Input Validation
Out-of-bounds Read
|
CVE-2026-44518
|
2026-06-5 03:36 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
788
|
5.3 |
MEDIUM
Network
|
hcltech
|
icontrol
|
HCL iControl was affected by Missing Security Headers vulnerability. which lead to cross-site scripting (XSS) attacks by enabling the built-in XSS filtering mechanisms of modern web browsers.
New
|
CWE-693
Protection Mechanism Failure
|
CVE-2025-52609
|
2026-06-5 03:34 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
789
|
4.3 |
MEDIUM
Network
|
hcltech
|
icontrol
|
HCL iControl v4.0.0 was affected by Unhandled Exception - Stack Trace Disclosure vulnerability. The error occurs due to an undefined property being accessed in the application's JavaScript code. Spec…
New
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2025-52611
|
2026-06-5 03:34 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
790
|
8.8 |
HIGH
Network
|
hcltech
|
icontrol
|
HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input param…
New
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2025-52612
|
2026-06-5 03:32 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
