|
401
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In multiple functions of ubsan_throwing_runtime.cpp, there is a possible UBSan failure due to an integer overflow. This could lead to remote denial of service with no additional execution privileges …
New
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-0041
|
2026-06-3 03:45 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
402
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In multiple functions of ubsan_throwing_runtime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial of service with no additional execution priv…
New
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-0040
|
2026-06-3 03:44 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
403
|
6.5 |
MEDIUM
Network
|
google
|
android
|
In multiple functions of ubsan_throwing_runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to remote denial of service with no additional execut…
New
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-0039
|
2026-06-3 03:44 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
404
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In multiple functions of AccessibilityManagerService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additi…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-0018
|
2026-06-3 03:44 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
405
|
7.1 |
HIGH
Network
|
ibm
|
engineering_lifecycle_management
|
IBM Engineering Lifecycle Management 7.0.3 Interim Fix 001 through Interim Fix 021, 7.1.0 Interim Fix 001 through Interim Fix 009, and 7.2.0 and 7.2.0 Interim Fix 001 is vulnerable to an XML exter…
Update
|
CWE-611
XXE
|
CVE-2026-3603
|
2026-06-3 03:44 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
406
|
7.5 |
HIGH
Network
|
viewcomponent
|
view_component
|
view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 3.0.0 to 4.9.0, the system test entrypoint canonicalizes a user-controlled file …
Update
|
CWE-187
Partial String Comparison
|
CVE-2026-44837
|
2026-06-3 03:43 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
407
|
3.3 |
LOW
Local
|
google
|
android
|
In updateProvidersWhenServiceRemoved of CredentialManagerService.java, there is a possible way to override settings across users due to a permissions bypass. This could lead to local information disc…
New
|
CWE-269
Improper Privilege Management
|
CVE-2026-0016
|
2026-06-3 03:41 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
408
|
7.5 |
HIGH
Network
|
ibm
|
websphere_application_server
|
IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to HTTP request smuggl…
Update
|
CWE-444
HTTP Request Smuggling
|
CVE-2026-8620
|
2026-06-3 03:40 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
409
|
9.8 |
CRITICAL
Network
|
shepherdwind
|
velocity.js
|
Velocity.js is a JavaScript implementation of the Apache Velocity template engine. In 2.1.5 and earlier, a prototype pollution vulnerability was discovered in velocityjs. This issue occurs during the…
Update
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2026-44966
|
2026-06-3 03:40 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
410
|
8.2 |
HIGH
Network
|
github
|
enterprise_server
|
A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an unauthenticated attacker to send crafted requests to internal services by exploiting insu…
Update
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-9312
|
2026-06-3 03:31 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
