|
301
|
5.5 |
MEDIUM
Local
|
pypdf_project
|
pypdf
|
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.1, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing large XMP me…
Update
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-48735
|
2026-05-30 04:38 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302
|
3.3 |
LOW
Local
|
pypdf_project
|
pypdf
|
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams w…
Update
|
CWE-834
Excessive Iteration
|
CVE-2026-48156
|
2026-05-30 04:38 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303
|
5.5 |
MEDIUM
Local
|
pypdf_project
|
pypdf
|
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in l…
Update
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-48155
|
2026-05-30 04:38 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304
|
9.8 |
CRITICAL
Network
|
ibm
|
engineering_lifecycle_management
|
IBM Engineering Lifecycle Management 7.0.3, 7.1.0, and 7.2.0 could allow an unauthenticated remote attacker to update server property files that would allow them to gain unauthorized access to the ap…
Update
|
CWE-863
Incorrect Authorization
|
CVE-2026-3660
|
2026-05-30 04:31 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305
|
9.6 |
CRITICAL
Network
|
amirraminfar
|
dozzle
|
Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, he WebSocket upgrader for the /exec and /attach endpoints uses CheckOrigin: func(r *http.Request) bool { return true }, accepti…
Update
|
CWE-346
Origin Validation Error
|
CVE-2026-44985
|
2026-05-30 04:30 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306
|
7.1 |
HIGH
Adjacent
|
free5gc
|
free5gc
|
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, the AMF in Free5GC does not verify the UE Security Capabilities received in NGAP PathSwitchRequest messages against it…
Update
|
CWE-358
Improperly Implemented Security Check for Standard
|
CVE-2026-42081
|
2026-05-30 04:24 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307
|
8.6 |
HIGH
Network
|
amirraminfar
|
dozzle
|
Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, in a default dozzle deploy (the documented quickstart, no DOZZLE_AUTH_PROVIDER set), POST /api/notifications/test-webhook is re…
Update
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-45298
|
2026-05-30 04:23 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308
|
9.1 |
CRITICAL
Network
|
-
|
-
|
There is an authentication bypass vulnerability in the NI SystemLink Enterprise Dashboard application that may allow an unauthenticated remote attacker to bypass authentication controls leading to pr…
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-9051
|
2026-05-30 04:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309
|
5.3 |
MEDIUM
Network
|
-
|
-
|
liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT …
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-46344
|
2026-05-30 04:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310
|
5.4 |
MEDIUM
Adjacent
|
-
|
-
|
Danelec MacGregor Voyage Data Recorder
passwords are stored with a hashing method which limits password length and is susceptible to brute force attacks.
New
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2026-44611
|
2026-05-30 04:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
