|
501
|
8.0 |
HIGH
Network
|
-
|
-
|
Cross-Site request forgery (CSRF) vulnerability in Sitemio Information Technologies Trade Ltd. Co. WISECP allows Cross Site Request Forgery.
This issue affects WISECP: through 20022026. NOTE: The ve…
|
CWE-352
Origin Validation Error
|
CVE-2025-11954
|
2026-05-20 23:04 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
502
|
7.8 |
HIGH
Local
|
-
|
-
|
Improper Access Control vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables a normal user gaining access to the admin panel. This issue affects Meona Clie…
|
CWE-284
Improper Access Control
|
CVE-2026-0856
|
2026-05-20 23:03 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
503
|
6.0 |
MEDIUM
Local
|
-
|
-
|
Cleartext Storage of Sensitive Information in Memory vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component.
This issue affects Meona Client Launcher Component: thr…
|
CWE-316
Cleartext Storage of Sensitive Information in Memory
|
CVE-2026-0857
|
2026-05-20 23:03 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
504
|
9.0 |
CRITICAL
Network
|
-
|
-
|
Improper Control of Generation of Code ('Code Injection') vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables code execution on other users' systems. This…
|
CWE-94
Code Injection
|
CVE-2026-22314
|
2026-05-20 23:03 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
505
|
7.2 |
HIGH
Network
|
-
|
-
|
Incorrect Privilege Assignment vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables the export of user data, including cleartext passwords, via the SQL ed…
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-22315
|
2026-05-20 23:03 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
506
|
4.4 |
MEDIUM
Local
|
-
|
-
|
Insufficient Verification of Data Authenticity vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component makes it possible to send messages to any email address. This i…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2026-25602
|
2026-05-20 23:03 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
507
|
- |
|
-
|
-
|
NLnet Labs Unbound 1.6.2 up to and including version 1.25.0 has a denial of service vulnerability when compiled with DNSCrypt support ('--enable-dnscrypt'). A bad DNSCrypt query could underflow Unbou…
|
CWE-125
CWE-166
Out-of-bounds Read
Improper Handling of Missing Special Element
|
CVE-2026-32792
|
2026-05-20 23:02 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
508
|
- |
|
-
|
-
|
NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying …
|
CWE-416
CWE-672
Use After Free
Operation on a Resource after Expiration or Release
|
CVE-2026-33278
|
2026-05-20 23:02 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
509
|
- |
|
-
|
-
|
NLnet Labs Unbound 1.16.2 up to and including version 1.25.0 has a vulnerability of the 'ghost domain names' family of attacks that could extend the ghost domain window by up to one cached TTL config…
|
CWE-346
Origin Validation Error
|
CVE-2026-40622
|
2026-05-20 23:02 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
510
|
- |
|
-
|
-
|
NLnet Labs Unbound up to and including version 1.25.0 is vulnerable to a degradation of service attack related to parsing long lists of incoming EDNS options. An adversary sending queries with too ma…
|
CWE-407
CWE-770
Inefficient Algorithmic Complexity
Allocation of Resources Without Limits or Throttling
|
CVE-2026-41292
|
2026-05-20 23:02 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
