|
1041
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in ggerve coding-standards-mcp. This issue affects the function get_style_guide/get_best_practices of the file server.py. The manipulation of the argument Language results i…
|
CWE-22
Path Traversal
|
CVE-2026-7588
|
2026-05-2 03:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1042
|
7.3 |
HIGH
Network
|
hashcat
|
hashcat
|
A heap-based buffer overflow in the Kerberos hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted Kerberos hash file. The iss…
|
CWE-787
CWE-122
Out-of-bounds Write
Heap-based Buffer Overflow
|
CVE-2026-42483
|
2026-05-2 03:16 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1043
|
8.6 |
HIGH
Network
|
-
|
-
|
Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_canswitch.cpp the parser does not properly validate a CANswitch DLC value, allowing remote attackers to…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-42469
|
2026-05-2 03:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1044
|
7.5 |
HIGH
Network
|
-
|
-
|
Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_pcap.cpp , the parser's phdr.len field is not properly validated, allowing remote attackers to cause a …
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-42468
|
2026-05-2 03:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1045
|
7.5 |
HIGH
Network
|
exim
|
exim
|
In Exim before 4.99.2, on systems using musl libc (not glibc), an attacker can crash the connection instance when malformed DNS data is present in PTR records. This is caused by a dn_expand oddity in…
|
CWE-684
Incorrect Provision of Specified Functionality
|
CVE-2026-40684
|
2026-05-2 03:16 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1046
|
10.0 |
CRITICAL
Network
|
-
|
-
|
Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_gvret.cpp, the length field in GVRET binary data is not properly validated, allowing remote attackers t…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-37541
|
2026-05-2 03:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1047
|
8.4 |
HIGH
Local
|
-
|
-
|
OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elf_loader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF h…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-37540
|
2026-05-2 03:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1048
|
- |
|
-
|
-
|
An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function (bgpd/bgp_flowspec_util.c) of FRRouting (FRR) stable/10.0 allows attackers to cause a Denial of Service (DoS) …
|
-
|
CVE-2026-37457
|
2026-05-2 03:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1049
|
- |
|
-
|
-
|
A Command Injection vulnerability in the web management interface in Aver PTC320UV2 0.1.0000.65 allows an unauthenticated attacker to execute arbitrary commands via a crafted web request.
|
-
|
CVE-2026-26461
|
2026-05-2 03:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1050
|
9.6 |
CRITICAL
Network
|
-
|
-
|
A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the proce…
|
CWE-416
Use After Free
|
CVE-2026-22166
|
2026-05-2 03:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
