|
2571
|
6.6 |
MEDIUM
Local
|
samsung
|
one
|
Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes.
Affected version is prior to commit 1.30.0.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-41664
|
2026-04-28 03:21 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2572
|
4.8 |
MEDIUM
Network
|
ibm
|
guardium_key_lifecycle_manager
|
IBM Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2, 4.2.1, 5.0, and 5.1
|
CWE-269
NVD-CWE-noinfo
Improper Privilege Management
|
CVE-2026-1726
|
2026-04-28 03:21 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2573
|
6.6 |
MEDIUM
Local
|
samsung
|
one
|
Integer overflow in output tensor copy size calculation in Samsung Open Source ONE could cause incorrect copy length and memory corruption for oversized tensors.
Affected version is prior to commit …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-40450
|
2026-04-28 03:21 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2574
|
6.6 |
MEDIUM
Local
|
samsung
|
one
|
Integer overflow in buffer size calculation could result in out of bounds memory access when handling large tensors in Samsung Open Source ONE.
Affected version is prior to commit 1.30.0.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-40449
|
2026-04-28 03:21 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2575
|
9.8 |
CRITICAL
Network
|
rclone
|
rclone
|
Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC endpoint `options/set` is exposed without `AuthRequired: true`, but it can mutate …
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-41176
|
2026-04-28 03:19 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2576
|
5.3 |
MEDIUM
Local
|
samsung
|
one
|
Potential Integer overflow in tensor allocation size calculation could lead to insufficient memory allocation for large tensors in Samsung Open Source ONE.
Affected version is prior to commit 1.30.0.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-40448
|
2026-04-28 03:18 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2577
|
9.8 |
CRITICAL
Network
|
rclone
|
rclone
|
Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Starting in version 1.48.0 and prior to version 1.73.5, the RC endpoint `operations/fsinf…
|
CWE-78
CWE-306
OS Command
Missing Authentication for Critical Function
|
CVE-2026-41179
|
2026-04-28 03:18 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2578
|
- |
|
-
|
-
|
An authenticated attacker can persist crafted values in multiple field types and trigger client-side script execution when another user opens the affected document in Desk. The vulnerable formatter i…
|
CWE-79
Cross-site Scripting
|
CVE-2026-3837
|
2026-04-28 03:16 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2579
|
4.9 |
MEDIUM
Network
|
ibm
|
guardium_data_protection
|
IBM Guardium Data Protection 12.1 could allow an administrative user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../…
|
CWE-22
Path Traversal
|
CVE-2026-4917
|
2026-04-28 03:13 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2580
|
4.8 |
MEDIUM
Network
|
ibm
|
guardium_data_protection
|
IBM Guardium Data Protection 12.1 is vulnerable to stored cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the Web UI thus altering the int…
|
CWE-79
Cross-site Scripting
|
CVE-2026-4918
|
2026-04-28 03:13 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
