|
571
|
8.1 |
HIGH
Network
|
-
|
-
|
AI Tensor Engine for ROCm (AITER) through 0.1.14 contains an unauthenticated remote code execution vulnerability in the MessageQueue.recv() function within shm_broadcast.py that allows unauthenticate…
New
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-49121
|
2026-06-2 23:40 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
572
|
4.3 |
MEDIUM
Adjacent
|
-
|
-
|
Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain an information disclosure vulnerability that allows unauthenticated network attackers to access log files over a network connection…
New
|
CWE-538
File and Directory Information Exposure
|
CVE-2019-25717
|
2026-06-2 23:40 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
573
|
8.8 |
HIGH
Network
|
openstack
|
keystone
|
An issue was discovered in OpenStack Keystone before 29.0.2. When combined with an application credential impersonation vulnerability, an attacker with the member role on a project can escalate to ad…
Update
|
CWE-863
Incorrect Authorization
|
CVE-2026-43000
|
2026-06-2 23:38 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
574
|
9.8 |
CRITICAL
Network
|
-
|
-
|
CWE-284: Improper Access Control in web services in Progress Sitefinity 15.4.8623 before 15.4.8630 allows a remote unauthenticated attacker to access content that should be restricted, resulting in f…
New
|
CWE-284
Improper Access Control
|
CVE-2026-7198
|
2026-06-2 23:37 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
575
|
8.8 |
HIGH
Network
|
-
|
-
|
CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity 15.2.x before 15.2.8441, 15.3.x before 15.3.8531, and 15.4.x before 15.4.8630 allows a remote authenti…
New
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-7201
|
2026-06-2 23:37 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
576
|
10.0 |
CRITICAL
Network
|
-
|
-
|
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 14.0.7700 to 14.4.8152, and 15.0.8200 to 15.0.8234, and 15.1.8300 to 15.1.8335, 15.2.8400 to 15.2.844…
New
|
-
|
CVE-2026-7312
|
2026-06-2 23:37 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
577
|
8.7 |
HIGH
Network
|
-
|
-
|
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 8.0.5700 to 13.3.7652 allows a remote authenticated attacker to obtain plain-text credentials used co…
New
|
-
|
CVE-2026-7313
|
2026-06-2 23:37 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
578
|
8.2 |
HIGH
Network
|
-
|
-
|
FlexRIC v2.0.0 allows a single SCTP connection to bind multiple xapp_ids by sending multiple E42_SETUP_REQUESTs. On disconnect, only the first registered xapp_id's resources are cleaned up; subsequen…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-37234
|
2026-06-2 23:35 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
579
|
4.9 |
MEDIUM
Network
|
mattermost
|
legal_hold
|
Mattermost Plugins versions <=1.1.5 fail to sanitize filenames received from federated peers before using them to construct export destination paths, which allows an administrator of a remote federat…
Update
|
CWE-22
Path Traversal
|
CVE-2026-6957
|
2026-06-2 23:29 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
580
|
8.1 |
HIGH
Network
|
erlang
|
erlang\/otp
|
Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_cert and public_key modules) allows a DNS nameConstraints bypass via subject CommonName fallback in TLS hostname verific…
Update
|
CWE-295
CWE-297
Improper Certificate Validation
Improper Validation of Certificate with Host Mismatch
|
CVE-2026-42790
|
2026-06-2 23:24 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
