|
931
|
6.7 |
MEDIUM
Local
|
-
|
-
|
In geniezone, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privileg…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-20447
|
2026-05-4 23:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
932
|
6.5 |
MEDIUM
Adjacent
|
amazon
|
freertos-plus-tcp
|
Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing the Ethernet source MAC ad…
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2026-7422
|
2026-05-4 22:43 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
933
|
6.5 |
MEDIUM
Network
|
devolutions
|
devolutions_server
|
Improper
access control in the vault documentation feature in Devolutions
Server allows an authenticated attacker to read documentation content
from unauthorized vaults via a crafted API request.
…
|
CWE-862
Missing Authorization
|
CVE-2026-6706
|
2026-05-4 22:37 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
934
|
6.5 |
MEDIUM
Adjacent
|
amazon
|
freertos-plus-tcp
|
Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause a denial of service (device crash) when outgoing pi…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2026-7423
|
2026-05-4 22:35 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
935
|
8.1 |
HIGH
Adjacent
|
amazon
|
freertos-plus-tcp
|
Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, an…
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2026-7424
|
2026-05-4 22:22 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
936
|
6.5 |
MEDIUM
Adjacent
|
amazon
|
freertos-plus-tcp
|
Insufficient option length validation in the IPv6 Router Advertisement parser in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause a denial of service (device crash…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-7425
|
2026-05-4 22:12 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
937
|
8.1 |
HIGH
Adjacent
|
amazon
|
freertos-plus-tcp
|
Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to cause memory corruption by…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-7426
|
2026-05-4 22:12 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
938
|
9.1 |
CRITICAL
Network
|
rti
|
connext_professional
|
Improper Restriction of XML External Entity Reference vulnerability in Connext Professional (Core Libraries) allows Serialized Data External Linking.This issue affects Connext Professional: from 7.4.…
|
CWE-611
XXE
|
CVE-2025-14543
|
2026-05-4 22:02 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
939
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
xen/privcmd: fix double free via VMA splitting
privcmd_vm_ops defines .close (privcmd_close), but neither .may_split
nor .open. W…
|
-
|
CVE-2026-31787
|
2026-05-4 18:16 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
940
|
7.8 |
HIGH
Local
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
Buffer overflow in drivers/xen/sys-hypervisor.c
The build id returned by HYPERVISOR_xen_version(XENVER_build_id) is
neither NUL t…
|
-
|
CVE-2026-31786
|
2026-05-4 18:16 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
