|
1791
|
8.8 |
HIGH
Network
|
dlink
|
dcs-935l_firmware
|
A vulnerability was found in D-Link DCS-935L up to 1.10.01. The impacted element is the function SetDeviceSettings of the file /web/cgi-bin/hnap/hnap_service of the component HNAP Service. The manipu…
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2026-8260
|
2026-05-13 04:45 |
2026-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1792
|
9.8 |
CRITICAL
Network
|
tenda
|
ac10u_firmware
|
A security flaw has been discovered in Tenda AC6 15.03.06.49_multi_TDE01. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet of the component httpd. Performing a manipula…
|
CWE-77
CWE-78
CWE-787
Command Injection
OS Command
Out-of-bounds Write
|
CVE-2026-8263
|
2026-05-13 04:41 |
2026-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1793
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/atmel-hlcdc: fix use-after-free of drm_crtc_commit after release
The atmel_hlcdc_plane_atomic_duplicate_state() callback was …
|
CWE-416
Use After Free
|
CVE-2026-43236
|
2026-05-13 03:59 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1794
|
5.4 |
MEDIUM
Network
|
-
|
-
|
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiNDR 7.6.0 through 7.6.2, FortiNDR 7.4.0 through 7.4.9, FortiNDR 7.2 all versions…
|
CWE-89
SQL Injection
|
CVE-2026-25088
|
2026-05-13 03:57 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1795
|
4.3 |
MEDIUM
Network
|
-
|
-
|
An improper neutralization of argument delimiters in a command ('argument injection') vulnerability in Fortinet FortiDeceptor 6.0.0 through 6.0.2, FortiDeceptor 5.3.0 through 5.3.3, FortiDeceptor 5.2…
|
CWE-88
Argument Injection
|
CVE-2026-25690
|
2026-05-13 03:57 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1796
|
- |
|
-
|
-
|
Corteza contains a SQL injection vulnerability in its Microsoft SQL Server (MSSQL) backend when filtering Compose records by the meta field.This issue affects corteza: 2024.9.8.
|
CWE-89
SQL Injection
|
CVE-2026-6093
|
2026-05-13 03:56 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1797
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: Refactor amdgpu_gem_va_ioctl for Handling Last Fence Update and Timeline Management v4
This commit simplifies the amd…
|
CWE-416
Use After Free
|
CVE-2026-43237
|
2026-05-13 03:55 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1798
|
- |
|
-
|
-
|
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2. An app may be able to access sensitiv…
|
-
|
CVE-2025-46311
|
2026-05-13 03:55 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1799
|
7.8 |
HIGH
Local
|
-
|
-
|
Illustrator versions 29.8.6, 30.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of th…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-34661
|
2026-05-13 03:55 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1800
|
5.5 |
MEDIUM
Adjacent
|
-
|
-
|
Illustrator versions 29.8.6, 30.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerabil…
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-34662
|
2026-05-13 03:55 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
