|
1751
|
- |
|
-
|
-
|
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-next.12, 21.2.13, 20.3.21, and 19.2.22, a Server-Si…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-46417
|
2026-06-24 00:16 |
2026-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1752
|
8.1 |
HIGH
Network
|
-
|
-
|
Dell Wyse Management Suite (WMS), versions prior to WMS 2605, contain an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker …
|
CWE-89
SQL Injection
|
CVE-2026-44271
|
2026-06-24 00:16 |
2026-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1753
|
3.3 |
LOW
Local
|
-
|
-
|
A security flaw has been discovered in Browserbase up to 20260526. This impacts an unknown function of the component Autobrowse Trace Artifact Handler. The manipulation results in incorrect default p…
|
CWE-266
CWE-276
Incorrect Privilege Assignment
Incorrect Default Permissions
|
CVE-2026-12823
|
2026-06-24 00:16 |
2026-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1754
|
3.5 |
LOW
Network
|
-
|
-
|
A security vulnerability has been detected in Radware Cyber Controller up to 10.11.0. This affects an unknown part of the component HTML Report Generation. The manipulation leads to HTML injection. R…
|
CWE-74
CWE-80
Injection
Basic XSS
|
CVE-2026-12812
|
2026-06-24 00:16 |
2026-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1755
|
8.8 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in Edimax BR-6478AC V2 1.23. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. The manip…
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2026-12806
|
2026-06-24 00:16 |
2026-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1756
|
4.8 |
MEDIUM
Network
|
-
|
-
|
The fix for CVE-2026-2443 was regressed by a subsequent rework commit that replaced specific overflow checks with a general signed comparison. When a client sends a Range request with a suffix length…
|
CWE-805
Buffer Access with Incorrect Length Value
|
CVE-2026-12549
|
2026-06-24 00:16 |
2026-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1757
|
- |
|
-
|
-
|
DRIMO CMS is vulnerable to Reflected XSS via q parameter in searching functionality. An attacker can prepare an URL that, when opened, results in arbitrary JavaScript execution in the victim's browse…
|
CWE-79
Cross-site Scripting
|
CVE-2026-11772
|
2026-06-24 00:16 |
2026-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1758
|
6.8 |
MEDIUM
Network
|
-
|
-
|
A missing authorization flaw was found in the OpenShift Cluster Logging Operator. The operator creates and forwards ServiceAccount tokens to output destinations without verifying that the ClusterLogF…
|
CWE-862
Missing Authorization
|
CVE-2026-10609
|
2026-06-24 00:16 |
2026-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1759
|
8.1 |
HIGH
Network
|
-
|
-
|
picklescan before 0.0.33 fails to detect malicious pickle files that invoke numpy.f2py.crackfortran.myeval function through the reduce method. Attackers can craft malicious pickle files embedding arb…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2025-71365
|
2026-06-24 00:16 |
2026-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1760
|
8.1 |
HIGH
Network
|
-
|
-
|
picklescan before 0.0.29 fails to detect the profile.Profile.runctx function when analyzing pickle files, allowing attackers to embed undetected malicious code. Remote attackers can craft malicious p…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2025-71341
|
2026-06-24 00:16 |
2026-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
