|
521
|
6.5 |
MEDIUM
Adjacent
|
-
|
-
|
Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain a denial-of-service vulnerability that allows remote attackers to cause the monitor to reboot by sending a malformed network packet…
New
|
CWE-15
External Control of System or Configuration Setting
|
CVE-2019-25716
|
2026-06-2 23:50 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
522
|
8.4 |
HIGH
Local
|
-
|
-
|
Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog inter…
New
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2019-25718
|
2026-06-2 23:50 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
523
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Cross-Site Scripting (XSS) in GeniexWebView component in Transsion AI Assistant Lifestyle application (com.transsion.aiassistantlifestyle) all versions on Android allows remote attacker to execute ar…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-10510
|
2026-06-2 23:50 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
524
|
6.5 |
MEDIUM
Network
|
-
|
-
|
D.Launcher 2 component of Slovak eID client ecosystem contains Improper URL Handler Processing vulnerability. Application registers multiple custom URL handlers that could be exploited to initiate fu…
New
|
CWE-74
CWE-200
Injection
Information Exposure
|
CVE-2026-8993
|
2026-06-2 23:50 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
525
|
5.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V4.0). The affected applications stores sensitive information in the browser cache when an authenticated user…
New
|
CWE-525
Use of Web Browser Cache Containing Sensitive Information
|
CVE-2026-41918
|
2026-06-2 23:50 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
526
|
- |
|
-
|
-
|
Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology (RabbitMQ Management interface modules) allows Default Usernames and Passwords. This issue affects navify Digita…
New
|
CWE-1392
Use of Default Credentials
|
CVE-2026-9844
|
2026-06-2 23:50 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
527
|
8.8 |
HIGH
Network
|
openstack
|
keystone
|
An issue was discovered in OpenStack Keystone before 29.0.2. The Keystone application credential authentication plugin does not verify that the user supplied in the authentication request matches the…
Update
|
CWE-863
Incorrect Authorization
|
CVE-2026-42998
|
2026-06-2 23:50 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
528
|
9.8 |
CRITICAL
Network
|
ibm
|
cloud_pak_for_data_system_-_cyclops
|
IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through Interim Fix 002 IBM Cloud Pak for Data System is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, …
Update
|
CWE-89
SQL Injection
|
CVE-2025-36220
|
2026-06-2 23:50 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
529
|
7.5 |
HIGH
Network
|
ibm
|
cloud_pak_for_data_system_-_cyclops
|
IBM Cloud Pak for Data System - Cyclops 11.3.0.2 through Interim Fix 002 IBM Cloud Pak for Data System uses default passwords default passwords from the manufacturing process for use during the inst…
Update
|
CWE-1392
NVD-CWE-noinfo
Use of Default Credentials
|
CVE-2025-36221
|
2026-06-2 23:49 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
530
|
4.3 |
MEDIUM
Network
|
jenkins
|
job_import
|
Jenkins Job Import Plugin 143.v044a_2e819b_27 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of cred…
Update
|
CWE-269
Improper Privilege Management
|
CVE-2026-48926
|
2026-06-2 23:49 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
