|
1841
|
9.6 |
CRITICAL
Network
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Path Traversal.
…
|
CWE-22
Path Traversal
|
CVE-2026-5166
|
2026-05-4 23:16 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1842
|
8.8 |
HIGH
Network
|
-
|
-
|
Improper link resolution before file access ('link following') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack.
This issue affects Pardus …
|
CWE-59
Link Following
|
CVE-2026-5161
|
2026-05-4 23:16 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1843
|
8.8 |
HIGH
Network
|
-
|
-
|
Improper neutralization of CRLF sequences ('CRLF injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Authentication Bypass.
This issue affects P…
|
CWE-93
CRLF Injection
|
CVE-2026-5140
|
2026-05-4 23:16 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1844
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid…
|
-
|
CVE-2026-4928
|
2026-05-4 23:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1845
|
6.5 |
MEDIUM
Adjacent
|
amazon
|
freertos-plus-tcp
|
Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC ad…
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2026-7422
|
2026-05-4 22:43 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1846
|
6.5 |
MEDIUM
Network
|
devolutions
|
devolutions_server
|
Improper
access control in the vault documentation feature in Devolutions
Server allows an authenticated attacker to read documentation content
from unauthorized vaults via a crafted API request.
…
|
CWE-862
Missing Authorization
|
CVE-2026-6706
|
2026-05-4 22:37 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1847
|
6.5 |
MEDIUM
Adjacent
|
amazon
|
freertos-plus-tcp
|
Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service (device crash) when outgoing pi…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2026-7423
|
2026-05-4 22:35 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1848
|
8.1 |
HIGH
Adjacent
|
amazon
|
freertos-plus-tcp
|
Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, an…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2026-7424
|
2026-05-4 22:22 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1849
|
6.5 |
MEDIUM
Adjacent
|
amazon
|
freertos-plus-tcp
|
Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-7425
|
2026-05-4 22:12 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1850
|
8.1 |
HIGH
Adjacent
|
amazon
|
freertos-plus-tcp
|
Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-7426
|
2026-05-4 22:12 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
