|
631
|
8.1 |
HIGH
Network
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, when a PAM service is configured with deny_remote=false in pam_usb (commonly done for display manage…
Update
|
CWE-863
Incorrect Authorization
|
CVE-2026-48064
|
2026-06-3 05:16 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
632
|
7.8 |
HIGH
Local
|
-
|
-
|
pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, pamusb-pinentry reads the PINENTRY_FALLBACK_APP environment variable and executes it directly withou…
Update
|
CWE-78
OS Command
|
CVE-2026-44709
|
2026-06-3 05:16 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
633
|
8.6 |
HIGH
Local
|
zed
|
zed
|
Zed is a code editor. Prior to 0.229.0, Zed's terminal tool permission system can be bypassed via bash arithmetic expansion $((...)), allowing execution of arbitrary commands nested inside an allowli…
Update
|
CWE-78
OS Command
|
CVE-2026-44466
|
2026-06-3 05:14 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
634
|
8.2 |
HIGH
Network
|
ibm
|
cognos_analytics
cognos_transformer
|
IBM Cognos Analytics 11.2.0, 11.2.4, 12.0, and 12.1.0 and IBM Cognos Transformer 11.2.4, 12.0, and 12.1.0 are vulnerable to cross-site scripting (XSS). This vulnerability allows a remote attacker to …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2025-3633
|
2026-06-3 05:05 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
635
|
7.5 |
HIGH
Network
|
ibm
|
db2
|
IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to a denial of service with a specially crafted query when autonomous transactions are enabled.
Update
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-1718
|
2026-06-3 05:02 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
636
|
6.5 |
MEDIUM
Network
|
redhat
samba
|
openshift_container_platform
samba
enterprise_linux
|
A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem wri…
Update
|
CWE-284
NVD-CWE-noinfo
Improper Access Control
|
CVE-2026-1933
|
2026-06-3 05:01 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
637
|
6.8 |
MEDIUM
Local
|
synology
|
beedrive
|
Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attacks…
Update
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2024-11399
|
2026-06-3 04:55 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
638
|
7.5 |
HIGH
Network
|
ibm
|
infosphere_optim_test_data_fabrication
|
IBM InfoSphere Optim Test Data Fabrication 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4, 1.0.2.5, 1.0.2.6, 1.0.2.7 could allow a remote attacker to traverse directories on the system. An…
Update
|
CWE-22
Path Traversal
|
CVE-2026-3366
|
2026-06-3 04:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
639
|
7.8 |
HIGH
Local
|
ibm
|
netezza_performance_server_replication_services
|
IBM Netezza Performance Server Replication Services 3.0.2.0 through 3.0.5.0 allows an attacker with low‑privileged access to escalate their privileges to root. By exploiting this flaw, the attacker c…
Update
|
CWE-250
NVD-CWE-noinfo
Execution with Unnecessary Privileges
|
CVE-2026-3623
|
2026-06-3 04:44 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
640
|
6.5 |
MEDIUM
Network
|
ibm
|
cloud_application_performance_managemen
|
IBM Cloud APM, Base Private 8.1.4 and IBM Cloud APM, Advanced Private 8.1.4 IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user to cause a denial of se…
Update
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2026-3676
|
2026-06-3 04:41 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
