|
1411
|
8.1 |
HIGH
Network
|
-
|
-
|
Cross-site request forgery vulnerability exists in Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203.0 and earlier. If a user views a malicious page while logged-in to the affected pr…
|
CWE-352
Origin Validation Error
|
CVE-2026-28761
|
2026-05-15 23:30 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1412
|
6.5 |
MEDIUM
Network
|
pyload-ng_project
|
pyload-ng
|
pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, when passing a folder name in the set_package_data() API function call inside the data object with key "_…
|
CWE-22
CWE-36
Path Traversal
Absolute Path Traversal
|
CVE-2026-42315
|
2026-05-15 23:29 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1413
|
5.5 |
MEDIUM
Local
|
microsoft
|
live_preview
|
Relative path traversal in Visual Studio Code allows an unauthorized attacker to disclose information locally.
|
CWE-22
CWE-23
Path Traversal
Relative Path Traversal
|
CVE-2026-41612
|
2026-05-15 23:25 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1414
|
8.8 |
HIGH
Network
|
microsoft
|
visual_studio_code
|
Session fixation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
|
CWE-78
CWE-384
OS Command
Session Fixation
|
CVE-2026-41613
|
2026-05-15 23:23 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1415
|
7.5 |
HIGH
Network
|
webtechnologies
|
changedetection
|
changedetection.io is a free open source web page change detection tool. Prior to 0.55.1, the vulnerability is caused by trusting attacker-controlled snapshot paths restored from backup files. The vu…
|
CWE-73
External Control of File Name or Path
|
CVE-2026-43891
|
2026-05-15 23:20 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1416
|
6.7 |
MEDIUM
Local
|
fortinet
|
fortiap
fortiap-w2
|
An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiAP 7.6.0 through 7.6.2, FortiAP 7.4.0 through 7.4.5, FortiAP 7.2 all versi…
|
CWE-78
OS Command
|
CVE-2025-53870
|
2026-05-15 23:15 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1417
|
6.2 |
MEDIUM
Local
|
adobe
|
c2pa
c2pa-web
|
CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit …
|
CWE-20
Improper Input Validation
|
CVE-2026-34688
|
2026-05-15 23:14 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1418
|
6.2 |
MEDIUM
Local
|
adobe
|
c2pa
c2pa-web
|
CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in an application denial-of-service. An attacker could exp…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-34680
|
2026-05-15 23:14 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1419
|
6.2 |
MEDIUM
Local
|
adobe
|
c2pa
c2pa-web
|
CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit …
|
CWE-20
Improper Input Validation
|
CVE-2026-34679
|
2026-05-15 23:14 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1420
|
6.2 |
MEDIUM
Local
|
adobe
|
c2pa
c2pa-web
|
CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to application denial-of-service. An attacker could explo…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-34678
|
2026-05-15 23:14 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
