|
281
|
6.8 |
MEDIUM
Network
|
-
|
-
|
In OpenStack Ironic through 35.0.1, when applying a PATCH to update fields in volume properties the user is authorized for, Ironic can return unredacted sensitive information (such as iSCSI credentia…
New
|
CWE-212
Improper Removal of Sensitive Information Before Storage or Transfer
|
CVE-2026-54421
|
2026-06-14 13:16 |
2026-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282
|
8.5 |
HIGH
Network
|
-
|
-
|
LiteSpeed cPanel plugin before 2.4.8 (as distributed in LiteSpeed WHM PlugIn before 5.3.2.0) mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running Clo…
New
|
CWE-61
UNIX Symbolic Link (Symlink) Following
|
CVE-2026-54420
|
2026-06-14 13:16 |
2026-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. The impacted element is an unknown function of the file /index.php. The manipulation of…
New
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-12176
|
2026-06-14 09:16 |
2026-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
284
|
6.5 |
MEDIUM
Network
|
gpac
|
gpac
|
A NULL pointer dereference in the ctts_box_write function (isomedia/box_code_base.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-55659
|
2026-06-14 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285
|
7.5 |
HIGH
Network
|
gpac
|
gpac
|
A NULL pointer dereference in the gf_odf_vvc_cfg_write_bs function (odf/descriptors.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-55657
|
2026-06-14 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
286
|
5.5 |
MEDIUM
Local
|
gpac
|
gpac
|
A NULL pointer dereference in the gf_isom_get_user_data_count function (isomedia/isom_read.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2025-55651
|
2026-06-14 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287
|
7.5 |
HIGH
Network
|
gpac
|
gpac
|
A segmentation violaton in the gf_hevc_read_sps_bs_internal function (media_tools/av_parsers.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying crafted HEVC SPS …
Update
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2025-52293
|
2026-06-14 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288
|
7.5 |
HIGH
Network
|
gpac
|
gpac
|
A stack buffer overflow in the filein_process function (in_file.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file.
Update
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2025-52292
|
2026-06-14 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of …
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-12175
|
2026-06-14 08:16 |
2026-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290
|
8.8 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation o…
New
|
CWE-119
CWE-134
Incorrect Access of Indexable Resource ('Range Error')
Use of Externally-Controlled Format String
|
CVE-2026-12174
|
2026-06-14 06:16 |
2026-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
