|
21
|
8.6 |
HIGH
Local
|
-
|
-
|
Yeoman Environment provides an API to discover, create, and run generators, and to configure where and how a generator is resolved. Versions 2.9.0 through 6.0.0 install missing local generator packag…
New
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2026-42089
|
2026-06-17 02:35 |
2026-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
22
|
6.7 |
MEDIUM
Local
|
-
|
-
|
Dell Peripheral Manager, versions from 1.5.1 to 1.7.2, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious…
New
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-22451
|
2026-06-17 02:34 |
2026-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
23
|
8.8 |
HIGH
Network
|
-
|
-
|
Dell OpenManage Integration with Microsoft Windows Admin Center contains a Remote Code Execution vulnerability in the gateway plugin. A remote authenticated user could potentially exploit this vulner…
New
|
CWE-77
Command Injection
|
CVE-2024-24909
|
2026-06-17 02:34 |
2026-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
24
|
5.4 |
MEDIUM
Network
|
-
|
-
|
PowerStore contains a Stored Cross-Site Scripting Vulnerability in the PowerStore Manager. A remote authenticated low-privileged malicious actor could potentially exploit this vulnerability, it could…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-30476
|
2026-06-17 02:34 |
2026-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
25
|
7.0 |
HIGH
Local
|
-
|
-
|
api-gateway container running with root privilege would allow an attacker to escape the container and access host system to perform unintended actions.
New
|
CWE-269
Improper Privilege Management
|
CVE-2024-38487
|
2026-06-17 02:34 |
2026-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
26
|
6.5 |
MEDIUM
Network
|
gpac
|
gpac
|
GPAC MP4Box v2.4 was discovered to contain a floating point exception in the avidmx_process function (isomedia/isom_write.c).
New
|
CWE-369
Divide By Zero
|
CVE-2025-55642
|
2026-06-17 02:34 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
27
|
5.5 |
MEDIUM
Local
|
gpac
|
gpac
|
A NULL pointer dereference in the gf_isom_copy_sample_info function (isomedia/isom_write.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
New
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-55641
|
2026-06-17 02:28 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
28
|
4.3 |
MEDIUM
Network
|
webpack.js
|
webpack-dev-server
|
Impact: When a user-configured proxy on webpack-dev-server has a broad context (e.g. /) and ws: true, it also intercepts the dev server's own HMR WebSocket and forwards it to the proxy target. This l…
New
|
CWE-346
CWE-441
Origin Validation Error
Confused Deputy
|
CVE-2026-9595
|
2026-06-17 02:24 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
29
|
6.5 |
MEDIUM
Network
|
mattermost
|
mattermost_desktop
|
Mattermost Desktop App versions <=6.1 5.5.13.0 fail to account for attempting to open extremely long URLs in the Mattermost Desktop App which allows a malicious server owner to crash the application …
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-8683
|
2026-06-17 02:18 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
30
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Firefox for iOS used partial domain matching when attaching cookies to PDF requests, allowing a malicious site on a suffix domain to receive cookies belonging to the target site. This vulnerability w…
New
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2026-53899
|
2026-06-17 02:16 |
2026-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
