|
4841
|
8.8 |
HIGH
Network
|
microsoft
|
sharepoint_server
|
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-45659
|
2026-05-28 03:32 |
2026-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4842
|
8.1 |
HIGH
Adjacent
|
pavel-odintsov
|
fastnetmon
|
FastNetMon Community Edition through 1.2.9 exposes a gRPC API server on port 50052 with no authentication mechanism. The server is initialized with grpc::InsecureServerCredentials() (src/fastnetmon.c…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-48692
|
2026-05-28 03:30 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4843
|
4.7 |
MEDIUM
Local
|
nvidia
|
gpu_display_driver
|
NVIDIA Display Driver for Linux contains a vulnerability in a kernel module, where a user could cause a race condition by reordering compiler or processor memory instructions. A successful exploit of…
|
CWE-362
Race Condition
|
CVE-2026-24199
|
2026-05-28 03:29 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4844
|
9.3 |
CRITICAL
Network
|
microsoft
|
365_copilot
|
Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network.
|
CWE-77
Command Injection
|
CVE-2026-41090
|
2026-05-28 03:23 |
2026-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4845
|
7.8 |
HIGH
Local
|
babel
|
babel
|
Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel t…
|
CWE-94
CWE-843
Code Injection
Type Confusion
|
CVE-2026-44728
|
2026-05-28 03:21 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4846
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in itsourcecode Student Transcript Processing System 1.0. This affects an unknown part of the file /admin/modules/student/index.php?view=view. Performing a manipulation o…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-9573
|
2026-05-28 03:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4847
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in TeamSpeak 3 Server up to 3.13.7. This issue affects some unknown processing of the component clientek Handshake Handler. Performing a manipulation of the argument proo…
|
CWE-617
Reachable Assertion
|
CVE-2026-4392
|
2026-05-28 03:16 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4848
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer ov…
|
CWE-119
CWE-122
Incorrect Access of Indexable Resource ('Range Error')
Heap-based Buffer Overflow
|
CVE-2026-4391
|
2026-05-28 03:16 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4849
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in TeamSpeak 3 Server up to 3.13.7. This affects the function process_resend_queue of the component Connection State Management. This manipulation causes use after free…
|
CWE-119
CWE-416
Incorrect Access of Indexable Resource ('Range Error')
Use After Free
|
CVE-2026-4390
|
2026-05-28 03:16 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4850
|
8.1 |
HIGH
Network
|
pavel-odintsov
|
fastnetmon
|
FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The _log() function in src/juniper_plugin/fastnetmon_juniper.php (l…
|
CWE-78
OS Command
|
CVE-2026-48687
|
2026-05-28 03:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
