|
861
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in medkey-org medkey up to fc09b7ba9441ff590b72d428d5380834216b09ed. Impacted is the function actionGetPatientById of the file app\modules\medical\port\rest\contro…
|
CWE-99
Resource Injection
|
CVE-2026-12207
|
2026-06-15 11:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
862
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in Grit42 Grit up to 0.11.0. This issue affects the function Grit::Assays::DataTableEntity of the file modules/assays/backend/app/models/grit/assays/data_table_entity.r…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-12206
|
2026-06-15 11:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
863
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in ShopXO up to 6.7.1. This vulnerability affects the function OrderClose/OrderSuccess/PayLogOrderClose/GoodsGiveIntegral of the file app/api/controller/Crontab.php of …
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-12204
|
2026-06-15 11:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
864
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in HKUDS AI-Trader up to 74caf996f78dcc0c657df8365c8544678a16e215. This affects an unknown part of the file /api/research/agents.csv of the component Research Export. Perfor…
|
CWE-200
CWE-284
Information Exposure
Improper Access Control
|
CVE-2026-12203
|
2026-06-15 11:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
865
|
7.5 |
HIGH
Network
|
netty
|
netty
|
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, SslClientHelloHandler.decode() reads the 24-bit TLS handsha…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-45416
|
2026-06-15 11:15 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
866
|
4.0 |
MEDIUM
Local
|
netty
|
netty
|
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, netty_unix_socket_recvFd sets msg_control to `char control[…
|
CWE-200
CWE-772
Information Exposure
Missing Release of Resource after Effective Lifetime
|
CVE-2026-45536
|
2026-06-15 11:14 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
867
|
6.8 |
MEDIUM
Network
|
netty
|
netty
|
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DNS resolver uses a predictable PRNG for generating…
|
CWE-330
CWE-340
Use of Insufficiently Random Values
Generation of Predictable Numbers or Identifiers
|
CVE-2026-45673
|
2026-06-15 11:14 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
868
|
10.0 |
CRITICAL
Network
|
netty
|
netty
|
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DnsResolveContext fails to validate the origin (bai…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2026-45674
|
2026-06-15 11:13 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
869
|
7.5 |
HIGH
Network
|
netty
|
netty
|
Netty is a network application framework for development of protocol servers and clients. In versions of netty-transport-sctp prior to 4.1.135.Final and 4.2.15.Final, for each non-complete SctpMessag…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-46340
|
2026-06-15 11:12 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
870
|
5.3 |
MEDIUM
Network
|
netty
|
netty
|
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, DefaultHttp2Connection.DefaultEndpoint initialises maxActiv…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-47244
|
2026-06-15 11:11 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
