|
231
|
7.5 |
HIGH
Network
|
-
|
-
|
Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. I…
New
|
CWE-200
Information Exposure
|
CVE-2026-34474
|
2026-05-8 00:15 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
232
|
- |
|
-
|
-
|
Samsung Print Service Plugin for Android is potentially vulnerable to information disclosure when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate …
New
|
CWE-926
Improper Export of Android Application Components
|
CVE-2026-3291
|
2026-05-8 00:15 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
233
|
8.8 |
HIGH
Network
|
-
|
-
|
Math.js is an extensive math library for JavaScript and Node.js. From version 13.1.0 to before version 15.2.0, arbitrary JavaScript can be executed via the expression parser of mathjs. This issue has…
New
|
CWE-915
Improperly Controlled Modification of Dynamically-Determined Object Attributes
|
CVE-2026-41139
|
2026-05-8 00:15 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
234
|
8.1 |
HIGH
Network
|
-
|
-
|
OS command injection vulneravility in the management gui (maintenance utility) of Hitachi Virtual Storage Platform One Block 23, 24, 26 and 28.
This issue affects Hitachi Virtual Storage Platform On…
New
|
CWE-78
OS Command
|
CVE-2025-9661
|
2026-05-8 00:15 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
235
|
8.3 |
HIGH
Network
|
-
|
-
|
Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Vi…
New
|
CWE-94
Code Injection
|
CVE-2025-1978
|
2026-05-8 00:15 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
236
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Improper restriction of excessive authentication attempts vulnerability in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platfor…
New
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2025-2514
|
2026-05-8 00:15 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
237
|
- |
|
-
|
-
|
The Optoma CinemaX P2 projector (firmware TVOS-04.24.010.04.01, Android 8.0.0) exposes Android Debug Bridge (ADB) on TCP port 5555 over the network without requiring authentication. The device is con…
New
|
-
|
CVE-2026-30495
|
2026-05-8 00:15 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
238
|
- |
|
-
|
-
|
The Optoma CinemaX P2 projector (firmware TVOS-04.24.010.04.01, Android 8.0.0) exposes an HTTP API on TCP port 2345 that allows full unauthenticated remote control of the device. The API supports bot…
New
|
-
|
CVE-2026-30496
|
2026-05-8 00:15 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
239
|
5.0 |
MEDIUM
Network
|
-
|
-
|
An issue that could allow a dashboard configuration to be viewed from outside of the authorized organization scope has been resolved. This is an instance of CWE-269: Improper Privilege Management, an…
New
|
CWE-269
Improper Privilege Management
|
CVE-2026-7778
|
2026-05-8 00:12 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
240
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Dify before version 1.14.0 contains an authorization bypass vulnerability that allows authenticated users to read the full contents of files uploaded by other users within the same tenant by supplyin…
New
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-41950
|
2026-05-8 00:12 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
