|
4121
|
5.4 |
MEDIUM
Network
|
synology
|
contacts
|
Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in contact functionality in Synology Contacts before 1.0.10-20659 allows remote authenticated users …
|
CWE-79
Cross-site Scripting
|
CVE-2025-13167
|
2026-05-29 01:37 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4122
|
9.4 |
CRITICAL
Network
|
free5gc
|
free5gc
|
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the 3gpp-traffic-influence API without inbound OAuth2/bearer-token authorization. A network attac…
|
CWE-862
Missing Authorization
|
CVE-2026-44326
|
2026-05-29 01:25 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4123
|
10.0 |
CRITICAL
Network
|
free5gc
|
free5gc
|
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-oam route group without inbound OAuth2/bearer-token authorization. A network attacker wh…
|
CWE-306
CWE-862
Missing Authentication for Critical Function
Missing Authorization
|
CVE-2026-44327
|
2026-05-29 01:24 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4124
|
8.2 |
HIGH
Network
|
free5gc
|
free5gc
|
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without inbound OAuth2 middleware. On top of that, the DELETE /upi…
|
CWE-306
CWE-476
CWE-862
Missing Authentication for Critical Function
NULL Pointer Dereference
Missing Authorization
|
CVE-2026-44328
|
2026-05-29 01:24 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4125
|
10.0 |
CRITICAL
Network
|
free5gc
|
free5gc
|
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's SMF mounts the UPI management route group without OAuth2/bearer-token authorization middleware. A network at…
|
CWE-306
CWE-862
Missing Authentication for Critical Function
Missing Authorization
|
CVE-2026-44329
|
2026-05-29 01:23 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4126
|
8.8 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in UTT HiPER 1200GW up to 2.5.3-170306. Affected is an unknown function of the file /goform/formPptpClientConfig of the component Web Management Interface. This manipul…
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-9628
|
2026-05-29 01:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4127
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /parcel_list.php. Performing a manipulation of the argument s results …
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-9607
|
2026-05-29 01:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4128
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of the component SQL Handler. E…
|
CWE-200
CWE-209
Information Exposure
Information Exposure Through an Error Message
|
CVE-2026-9583
|
2026-05-29 01:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4129
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM up to 56ba287f2e9031523ccb4244cb6e3fe530e4e5d5. The affected element is an unknown function of the component Dashboard. Such mani…
|
CWE-266
CWE-284
Incorrect Privilege Assignment
Improper Access Control
|
CVE-2026-9562
|
2026-05-29 01:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4130
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argu…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-9511
|
2026-05-29 01:16 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
