|
821
|
- |
|
-
|
-
|
FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the Redirect module does not validate the URL scheme of administrator-configured destination URLs befo…
New
|
CWE-601
Open Redirect
|
CVE-2026-43924
|
2026-06-5 00:41 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
822
|
- |
|
-
|
-
|
FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the password reset confirmation endpoint `/client/reset-password-confirm/:hash` is handled by a non-AP…
New
|
CWE-204
CWE-307
Response Discrepancy Information Exposure
mproper Restriction of Excessive Authentication Attempts
|
CVE-2026-43926
|
2026-06-5 00:41 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
823
|
- |
|
-
|
-
|
GNCC GP5 v7.1.76 was discovered to store sensitive wireless network information in plaintext during routine operations to the serial console. This issue allows physically-proximate attackers to obtai…
New
|
-
|
CVE-2026-36174
|
2026-06-5 00:41 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
824
|
- |
|
-
|
-
|
A lack of runtime integrity in GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass file system read-only protections and modify system files and binaries for the duration of a boot sessi…
New
|
-
|
CVE-2026-36180
|
2026-06-5 00:41 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
825
|
7.4 |
HIGH
Local
|
-
|
-
|
A privilege escalation vulnerability exists in PlayStation 4 firmware versions 13.00 through 13.02. The BD-J (Blu-ray Disc Java) sandbox can be escaped through a malformed JAR file.
New
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2025-64390
|
2026-06-5 00:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
826
|
- |
|
-
|
-
|
Out of bounds write and reads in openSeaChest’s --showSCSIDefects in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing defect information out of bounds for very large defe…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-10717
|
2026-06-5 00:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
827
|
- |
|
-
|
-
|
Out of bounds write in openSeaChest’s Trim/Unmap operation in Seagate’s openSeaChest v26.03.0 on all supported platforms allows for writing extra memory describing a range of LBAs to deallocate 16 by…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-10718
|
2026-06-5 00:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
828
|
- |
|
-
|
-
|
Out of bounds write in openSeaChest’s --showSupportedFormats in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing 1 extra byte outside of allocated memory which sets a val…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-10719
|
2026-06-5 00:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
829
|
7.8 |
HIGH
Local
|
-
|
-
|
An inclusion of functionality from untrusted control sphere vulnerability in OpenSSL configuration in Synology Active Backup for Business Recovery Media Creator before 2.5.0-2081 allows local users t…
New
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2022-49036
|
2026-06-5 00:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
830
|
7.8 |
HIGH
Local
|
-
|
-
|
A network man-in-the-middle between nats-sync and the BOSH director can steal the director credentials (Basic auth header or UAA client secret) and can tamper with the VM list that is written into th…
New
|
CWE-295
Improper Certificate Validation
|
CVE-2026-41859
|
2026-06-5 00:35 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
