|
1121
|
7.8 |
HIGH
Local
|
google
|
android
|
In multiple locations, there is a possible way to reveal images across users due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges…
Update
|
NVD-CWE-noinfo
CWE-20
Improper Input Validation
|
CVE-2025-22424
|
2026-06-4 07:16 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1122
|
8.4 |
HIGH
Local
|
-
|
-
|
Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog inter…
Update
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2019-25718
|
2026-06-4 07:16 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1123
|
6.5 |
MEDIUM
Adjacent
|
-
|
-
|
Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain a denial-of-service vulnerability that allows remote attackers to cause the monitor to reboot by sending a malformed network packet…
Update
|
CWE-15
External Control of System or Configuration Setting
|
CVE-2019-25716
|
2026-06-4 07:16 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1124
|
9.1 |
CRITICAL
Network
|
github
|
cli
|
GitHub CLI (gh) is GitHub’s official command line tool. Prior to 2.93.0, GitHub CLI incorrectly includes authorization header in API requests to TUF repository mirrors via gh attestation, gh release …
Update
|
CWE-863
Incorrect Authorization
|
CVE-2026-48501
|
2026-06-4 06:06 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1125
|
4.9 |
MEDIUM
Network
|
macgregor
|
interschalt_vdr_g4e_firmware
|
The administrator account for the
Danelec MacGregor Voyage Data Recorder
web interface can directly edit sensitive files related to authentication, potentially changing the root password.
Update
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2026-40425
|
2026-06-4 05:54 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1126
|
4.3 |
MEDIUM
Network
|
nextcloud
|
calendar
|
Nextcloud is an open source content collaboration platform. From versions 5.5.13 to before 5.5.17, and 6.2.0 to before 6.2.3, an authenticated user can enumerate users on the same Nextcloud instance …
Update
|
CWE-200
NVD-CWE-noinfo
Information Exposure
|
CVE-2026-45286
|
2026-06-4 05:35 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1127
|
6.4 |
MEDIUM
Network
|
nextcloud
|
nextcloud_server
|
Nextcloud is an open source content collaboration platform. From versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a user shares a folder or file with a Nextcloud Team that includes…
Update
|
CWE-862
Missing Authorization
|
CVE-2026-45285
|
2026-06-4 05:34 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1128
|
8.8 |
HIGH
Network
|
nextcloud
|
user_oidc
|
Nextcloud is an open source content collaboration platform. From version 1.3.6 to before version 8.4.0, an improper check allowed users that where provided by LDAP to still authenticate towards user …
Update
|
CWE-284
NVD-CWE-noinfo
Improper Access Control
|
CVE-2026-45284
|
2026-06-4 05:28 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1129
|
8.6 |
HIGH
Network
|
openairinterface
|
openairinterface5g
|
An issue was discovered in OpenAirInterface5G 2.4.0 (nr-softmodem) in the E2SM-KPM RAN Function's PRB utilization metric calculation. The functions fill_RRU_PrbTotDl() and fill_RRU_PrbTotUl() in open…
Update
|
CWE-369
Divide By Zero
|
CVE-2026-37232
|
2026-06-4 05:26 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1130
|
2.7 |
LOW
Network
|
projectcapsule
|
capsule
|
Capsule is a multi-tenancy and policy-based framework for Kubernetes. To defend against namespace hijacking achieved through update/patch operations on namespaces, Capsule uses a webhook to validate …
Update
|
CWE-20
NVD-CWE-noinfo
Improper Input Validation
|
CVE-2026-30963
|
2026-06-4 05:22 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
