|
2491
|
8.8 |
HIGH
Network
|
struktur
|
libheif
|
libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow (write) vulnerability in the grid tile compositing, allowing an attacker to write …
|
CWE-787
Out-of-bounds Write
|
CVE-2026-32740
|
2026-05-21 23:16 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2492
|
9.1 |
CRITICAL
Network
|
eclipse
|
glassfish
|
An authenticated Remote Code Execution (RCE) vulnerability was identified in GlassFish's Administration Console. A user with access to the panel can send crafted requests that allow the execution of …
|
CWE-94
CWE-917
Code Injection
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
|
CVE-2026-2586
|
2026-05-21 22:18 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2493
|
9.6 |
CRITICAL
Network
|
eclipse
|
glassfish
|
A critical Remote Code Execution (RCE) vulnerability was identified in the server-side template rendering mechanism used by the Glassfish gadget handler. The application processes .xml files and eval…
|
CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
|
CVE-2026-2587
|
2026-05-21 22:18 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2494
|
7.5 |
HIGH
Network
|
nvidia
|
tensorrt_llm
|
NVIDIA TRT-LLM for any platform contains a vulnerability where an attacker could cause an unchecked return value to a null pointer dereference. A successful exploit of this vulnerability might lead …
|
CWE-690
Unchecked Return Value to NULL Pointer Dereference
|
CVE-2026-24160
|
2026-05-21 22:09 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2495
|
9.8 |
CRITICAL
Network
|
nvidia
|
tensorrt_llm
|
NVIDIA TRT-LLM for any platform contains a vulnerability in MPI server, where an attacker could cause an unsafe deserialization. A successful exploit of this vulnerability might lead to code executio…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2025-33255
|
2026-05-21 09:06 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2496
|
9.8 |
CRITICAL
Network
|
nvidia
|
tensorrt_llm
|
NVIDIA TRT-LLM for any platform contains a deserialization vulnerability and unsafe serialized handle. A successful exploit of this vulnerability might lead to code execution, data tampering, and i…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2026-24142
|
2026-05-21 09:04 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2497
|
- |
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
-
|
CVE-2026-8399
|
2026-05-21 08:16 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2498
|
3.1 |
LOW
Network
|
emqx
|
emqx
|
A vulnerability has been found in EMQX up to 6.2.0. This affects an unknown function of the file apps/emqx/src/emqx_persistent_session_ds.erl of the component QoS 2 PUBLISH Packet Handler. Such manip…
|
CWE-362
Race Condition
|
CVE-2026-8741
|
2026-05-21 08:02 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2499
|
8.1 |
HIGH
Network
|
microsoft
|
malware_protection_engine
|
Heap-based buffer overflow in Microsoft Defender allows an unauthorized attacker to execute code over a network.
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-45584
|
2026-05-21 03:56 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2500
|
7.8 |
HIGH
Local
|
microsoft
|
windows_admin_center
|
Improper link resolution before file access ('link following') in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally.
|
CWE-59
Link Following
|
CVE-2026-42834
|
2026-05-21 03:29 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
