|
3571
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in raisulislamg4 student_management_system_by_php up to 310d950e09013d5133c6b9210aff9444382d16d1. The affected element is an unknown function of the file add_user_check…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-10227
|
2026-06-4 01:16 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3572
|
7.8 |
HIGH
Local
|
google
|
android
|
In multiple locations, there is a possible tapjacking due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interacti…
|
CWE-269
Improper Privilege Management
|
CVE-2026-0009
|
2026-06-4 01:16 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3573
|
8.6 |
HIGH
Network
|
-
|
-
|
Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors running software versions VG4.1.1, VG4.0.3, and lower contain network message handling vulnerabilities that allow netwo…
|
CWE-924
Improper Enforcement of Message Integrity During Transmission in a Communication Channel
|
CVE-2019-25719
|
2026-06-4 01:16 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3574
|
5.5 |
MEDIUM
Local
|
opentelemetry
|
ebpf_instrumentation
|
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI's replacement ELF parser trusts section offsets, counts, and string o…
|
CWE-20
CWE-248
Improper Input Validation
Uncaught Exception
|
CVE-2026-45676
|
2026-06-4 01:08 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3575
|
4.2 |
MEDIUM
Network
|
redhat
|
build_of_keycloak
|
A flaw was found in Keycloak, an open-source identity and access management solution. When a client application is configured to accept broad redirect Uniform Resource Identifiers (URIs), a remote at…
|
CWE-1288
Improper Validation of Consistency within Input
|
CVE-2026-9689
|
2026-06-4 00:42 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3576
|
8.8 |
HIGH
Network
|
redhat
|
build_of_keycloak
|
A flaw was found in Keycloak. An authenticated user with low privileges can exploit this vulnerability by sending an oversized subject_token JSON Web Token (JWT) to the TokenEndpoint. When the token …
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2026-9704
|
2026-06-4 00:40 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3577
|
6.5 |
MEDIUM
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated attacker to tamper w…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-23638
|
2026-06-4 00:30 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3578
|
8.2 |
HIGH
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, a reflected XSS vulnerability in Kiteworks Secure Data Forms could allow an external attacker to trick a user into executing arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2026-24751
|
2026-06-4 00:29 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3579
|
8.2 |
HIGH
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, a reflected XSS vulnerability in Kiteworks Secure Data Forms could allow an external attacker to trick a user into executing arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2026-24752
|
2026-06-4 00:29 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3580
|
6.5 |
MEDIUM
Network
|
accellion
|
kiteworks
|
Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify resou…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-24753
|
2026-06-4 00:28 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
