|
51
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Allegra exportReport Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Authe…
New
|
CWE-22
Path Traversal
|
CVE-2026-11442
|
2026-06-13 09:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
52
|
7.8 |
HIGH
Local
|
-
|
-
|
Heap buffer out-of-bounds write vulnerability in Avira Antivirus engine when scanning a malformed POSIX tar archive may allow Local Execution of Code or Denial-of-Service of the antivirus engine proc…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-6676
|
2026-06-13 08:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
53
|
7.4 |
HIGH
Network
|
-
|
-
|
Information disclosure vulnerability in Avira Password Manager when used with Mozilla Firefox may allow a remote attacker operating a cross-origin iframe to obtain credentials autofilled for the pare…
New
|
CWE-669
Incorrect Resource Transfer Between Spheres
|
CVE-2026-12068
|
2026-06-13 08:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
54
|
7.8 |
HIGH
Local
|
-
|
-
|
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process.
This…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2025-9033
|
2026-06-13 08:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
55
|
7.8 |
HIGH
Local
|
-
|
-
|
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2025-9032
|
2026-06-13 08:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
56
|
7.8 |
HIGH
Local
|
-
|
-
|
Heap buffer out-of-bounds write vulnerability due to integer overflow in Avira Antivirus engine when scanning a malformed MS-DOS executable file may allow Local Execution of Code or Denial-of-Service…
New
|
CWE-190
CWE-787
Integer Overflow or Wraparound
Out-of-bounds Write
|
CVE-2025-14098
|
2026-06-13 08:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
57
|
- |
|
-
|
-
|
An authorization flaw in MISP’s object add/edit handling allowed an authenticated user with object editing permissions to assign a MISP object, or attributes contained within an object, to a sharing …
New
|
CWE-863
Incorrect Authorization
|
CVE-2026-54398
|
2026-06-13 07:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
58
|
- |
|
-
|
-
|
Rejected reason: CVE ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-53826. Reason: This candidate is a duplicate of CVE-2025-53826. Notes: All CVE users should reference CVE-2025…
New
|
-
|
CVE-2026-54095
|
2026-06-13 07:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
59
|
7.5 |
HIGH
Network
|
-
|
-
|
Capgo before 12.128.2 contains a denial of service vulnerability allowing attackers to register accounts using arbitrary email addresses without verification, then initiate deletion to lock emails in…
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-53868
|
2026-06-13 07:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
60
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Capgo before 12.128.2 fails to delete previously uploaded profile images from backend storage when users replace or remove them. Attackers can access orphaned image files through previously generated…
New
|
CWE-459
Incomplete Cleanup
|
CVE-2026-53867
|
2026-06-13 07:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
