|
701
|
5.5 |
MEDIUM
Local
|
pavel-odintsov
|
fastnetmon
|
FastNetMon Community Edition through 1.2.9 is vulnerable to a local symlink attack via predictable file paths in /tmp. The statistics file path defaults to '/tmp/fastnetmon.dat' (src/fastnetmon.cpp l…
New
|
CWE-59
Link Following
|
CVE-2026-48693
|
2026-05-27 23:42 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
702
|
7.1 |
HIGH
Local
|
pavel-odintsov
|
fastnetmon
|
FastNetMon Community Edition through 1.2.9 contains an integer overflow vulnerability in the packet capture buffer allocation. In src/packet_storage.hpp, the allocate_buffer() function computes memor…
New
|
CWE-122
CWE-190
Heap-based Buffer Overflow
Integer Overflow or Wraparound
|
CVE-2026-48690
|
2026-05-27 23:34 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
703
|
6.5 |
MEDIUM
Network
|
pavel-odintsov
|
fastnetmon
|
FastNetMon Community Edition through 1.2.9 contains an out-of-bounds read in the NetFlow v9 options template parser. In process_netflow_v9_options_template() (src/netflow_plugin/netflow_v9_collector.…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-48684
|
2026-05-27 23:26 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
704
|
6.5 |
MEDIUM
Network
|
pavel-odintsov
|
fastnetmon
|
FastNetMon Community Edition through 1.2.9 has out-of-bounds memory access because it incorrectly parses BGP path attributes with the extended length flag set. In src/bgp_protocol.hpp, the parse_raw_…
New
|
CWE-130
Improper Handling of Length Parameter Inconsistency
|
CVE-2026-48685
|
2026-05-27 23:23 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
705
|
9.8 |
CRITICAL
Network
|
pavel-odintsov
|
fastnetmon
|
FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI (Network Layer Reachability Information) decoder. The function decode_bgp_subnet_encoding_ipv4_raw() …
New
|
CWE-120
CWE-787
Classic Buffer Overflow
Out-of-bounds Write
|
CVE-2026-48686
|
2026-05-27 23:23 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
706
|
7.4 |
HIGH
Local
|
-
|
-
|
In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer with…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-49014
|
2026-05-27 23:17 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
707
|
4.0 |
MEDIUM
Local
|
-
|
-
|
libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parse_iad_array() in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed US…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-47104
|
2026-05-27 23:17 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
708
|
7.3 |
HIGH
Local
|
-
|
-
|
smallbitvec is a growable bit-vector for Rust, optimized for size. From 1.0.1 to 2.6.0, an integer overflow in the internal capacity calculation of smallbitvec can lead to an undersized heap allocati…
New
|
CWE-122
CWE-190
Heap-based Buffer Overflow
Integer Overflow or Wraparound
|
CVE-2026-44983
|
2026-05-27 23:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
709
|
7.5 |
HIGH
Network
|
-
|
-
|
Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the cryptographic verification pipeline of Vanetza…
New
|
CWE-248
Uncaught Exception
|
CVE-2026-44905
|
2026-05-27 23:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
710
|
4.7 |
MEDIUM
Network
|
-
|
-
|
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, the Image directive plugin validates the :width: and :height: options with a regex compiled as _num_re = re.compile(r"^…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-44899
|
2026-05-27 23:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
