Thu, Apr 09 · 10:16 PM CDTCVE-2026-33784
9.8/10 · Must read/watchNVDvuln
Summary
A Use of Default Password vulnerability in the Juniper Networks Support Insights (JSI) Virtual Lightweight Collector (vLWC) allows an unauthenticated, network-based attacker to take full control of the device. vLWC software images ship with an initial password for a high privileged account. A change of this password is
CVECVE-2026-33784
SeverityCRITICAL
TypeUPDATED
PublishedThu, Apr 09 · 10:16 PM CDT
ModifiedWed, Jul 08 · 03:20 AM CDT
Fri, May 01 · 03:16 PM CDTCVE-2026-43037
9.8/10 · Must read/watchNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() Oskar Kjos reported the following problem. ip4ip6_err() calls icmp_send() on a cloned skb whose cb[] was written by the IPv6 receive path as struct inet6_skb_parm. icmp_send() passes IPCB(skb2) to __ip_optio
CVECVE-2026-43037
SeverityCRITICAL
TypeUPDATED
PublishedFri, May 01 · 03:16 PM CDT
ModifiedTue, Jul 07 · 12:16 PM CDT
Wed, May 06 · 12:16 PM CDTCVE-2026-43198
9.8/10 · Must read/watchNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcp_v6_syn_recv_sock() Code in tcp_v6_syn_recv_sock() after the call to tcp_v4_syn_recv_sock() is done too late. After tcp_v4_syn_recv_sock(), the child socket is already visible from TCP ehash table and other cpus might use
CVECVE-2026-43198
SeverityCRITICAL
TypeUPDATED
PublishedWed, May 06 · 12:16 PM CDT
ModifiedTue, Jul 07 · 12:16 PM CDT
Mon, Jun 08 · 05:16 PM CDTCVE-2026-46289
9.8/10 · Must read/watchNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: lib/scatterlist: fix length calculations in extract_kvec_to_sg Patch series "Fix bugs in extract_iter_to_sg()", v3. Fix bugs in the kvec and user variants of extract_iter_to_sg. This series is growing due to useful remarks made by sashiko.dev. The main
CVECVE-2026-46289
SeverityCRITICAL
TypeUPDATED
PublishedMon, Jun 08 · 05:16 PM CDT
ModifiedTue, Jul 07 · 06:34 PM CDT
Fri, May 22 · 04:16 PM CDTCVE-2026-39821
9.6/10 · Must read/watchNVDvuln
Summary
The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example-.com") incorrectly returns the name "example.com" rather than an error. This behavior can lead to privilege escalation in programs using the idna package. For example, a
CVECVE-2026-39821
SeverityCRITICAL
TypeUPDATED
PublishedFri, May 22 · 04:16 PM CDT
ModifiedTue, Jul 07 · 12:16 PM CDT
Mon, Apr 13 · 08:16 AM CDTCVE-2026-0234
9.1/10 · Must read/watchNVDvuln
Summary
An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR and Cortex XSIAM platforms during integration of Microsoft Teams that enables an unauthenticated user to access and modify protected resources.
CVECVE-2026-0234
SeverityCRITICAL
TypeUPDATED
PublishedMon, Apr 13 · 08:16 AM CDT
ModifiedTue, Jul 07 · 06:08 PM CDT
Wed, Jun 03 · 06:16 PM CDTCVE-2026-46244
9.1/10 · Must read/watchNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_inner: Fix IPv6 inner_thoff desync In nft_inner_parse_l2l3(), when processing inner IPv6 packets, ipv6_find_hdr() correctly computes the transport header offset traversing all extension headers, but the result is immediately overwritten
CVECVE-2026-46244
SeverityCRITICAL
TypeUPDATED
PublishedWed, Jun 03 · 06:16 PM CDT
ModifiedTue, Jul 07 · 12:16 PM CDT
Wed, May 27 · 05:16 AM CDTCVE-2026-8450
9.1/10 · Must read/watchNVDvuln
Summary
HTTP::Daemon versions before 6.17 for Perl allow OS command injection via send_file(). send_file() opens its string argument with Perl's 2-arg open(). The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, '> path' and '>> path' open the path for write or append. Untrusted input pass
CVECVE-2026-8450
SeverityCRITICAL
TypeUPDATED
PublishedWed, May 27 · 05:16 AM CDT
ModifiedTue, Jul 07 · 12:17 PM CDT
Wed, Dec 21 · 08:03 PM CSTCVE-2005-4459
10.0/10 · Must read/watchNVDvuln
Summary
Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands.
CVECVE-2005-4459
SeverityHIGH
TypeUPDATED
PublishedWed, Dec 21 · 08:03 PM CST
ModifiedTue, Jul 07 · 10:01 PM CDT
Wed, Mar 25 · 06:16 PM CDTCVE-2025-67030
8.8/10 · Worth your timeNVDvuln
Summary
Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code
CVECVE-2025-67030
SeverityHIGH
TypeUPDATED
PublishedWed, Mar 25 · 06:16 PM CDT
ModifiedTue, Jul 07 · 12:16 PM CDT
Mon, Apr 13 · 08:16 AM CDTCVE-2026-0233
8.8/10 · Worth your timeNVDvuln
Summary
A certificate validation vulnerability in Palo Alto Networks Autonomous Digital Experience Manager on Windows allows an unauthenticated attacker with adjacent network access to execute arbitrary code with NT AUTHORITY\SYSTEM privileges.
CVECVE-2026-0233
SeverityHIGH
TypeUPDATED
PublishedMon, Apr 13 · 08:16 AM CDT
ModifiedTue, Jul 07 · 06:12 PM CDT
Wed, May 06 · 10:16 AM CDTCVE-2026-43112
8.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath When cifs_sanitize_prepath is called with an empty string or a string containing only delimiters (e.g., "/"), the current logic attempts to check *(cursor2 - 1) before cursor2 has advanced.
CVECVE-2026-43112
SeverityHIGH
TypeUPDATED
PublishedWed, May 06 · 10:16 AM CDT
ModifiedTue, Jul 07 · 12:16 PM CDT
Thu, Apr 09 · 10:16 PM CDTCVE-2025-13914
8.7/10 · Worth your timeNVDvuln
Summary
A Key Exchange without Entity Authentication vulnerability in the SSH implementation of Juniper Networks Apstra allows a unauthenticated, MITM attacker to impersonate managed devices. Due to insufficient SSH host key validation an attacker can perform a machine-in-the-middle attack on the SSH connections from Apstra to
CVECVE-2025-13914
SeverityHIGH
TypeUPDATED
PublishedThu, Apr 09 · 10:16 PM CDT
ModifiedWed, Jul 08 · 03:18 AM CDT
Mon, Apr 13 · 07:16 AM CDTCVE-2026-5936
8.5/10 · Worth your timeNVDvuln
Summary
An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This behavior may be exploited to probe internal network services, access otherwise unreachable endpoints (e.g., cloud metadata services), or bypass network access controls,
CVECVE-2026-5936
SeverityHIGH
TypeUPDATED
PublishedMon, Apr 13 · 07:16 AM CDT
ModifiedTue, Jul 07 · 06:26 PM CDT
Mon, Mar 23 · 04:16 PM CDTCVE-2026-32845
8.4/10 · Worth your timeNVDvuln
Summary
cgltf version 1.15 and prior contain an integer overflow vulnerability in the cgltf_validate() function when validating sparse accessors that allows attackers to trigger out-of-bounds reads by supplying crafted glTF/GLB input files with attacker-controlled size values. Attackers can exploit unchecked arithmetic operati
CVECVE-2026-32845
SeverityHIGH
TypeUPDATED
PublishedMon, Mar 23 · 04:16 PM CDT
ModifiedTue, Jul 07 · 09:16 PM CDT
Fri, May 01 · 04:16 PM CDTCVE-2026-37552
8.4/10 · Worth your timeNVDvuln
Summary
Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The sync-invoke TCP server (Server.php:87) receives data from a TCP socket, passes it directly to Opis\Closure\unserialize(), then executes the result via call_user_func(). No authentication or signature verification exists on the TCP connection.
CVECVE-2026-37552
SeverityHIGH
TypeUPDATED
PublishedFri, May 01 · 04:16 PM CDT
ModifiedWed, Jul 08 · 03:26 AM CDT
Mon, Jun 08 · 05:16 PM CDTCVE-2026-46288
8.4/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: of: unittest: fix use-after-free in of_unittest_changeset() The variable 'parent' is assigned the value of 'nchangeset' earlier in the function, meaning both point to the same struct device_node. The call to of_node_put(nchangeset) can decrement the re
CVECVE-2026-46288
SeverityHIGH
TypeUPDATED
PublishedMon, Jun 08 · 05:16 PM CDT
ModifiedTue, Jul 07 · 06:34 PM CDT
Tue, Jul 01 · 05:15 PM CDTCVE-2025-6297
8.2/10 · Worth your timeNVDvuln
Summary
It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and repeated execution of dpkg
CVECVE-2025-6297
SeverityHIGH
TypeUPDATED
PublishedTue, Jul 01 · 05:15 PM CDT
ModifiedWed, Jul 08 · 09:16 AM CDT
Wed, Mar 18 · 06:16 PM CDTCVE-2026-26740
8.2/10 · Worth your timeNVDvuln
Summary
Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size.
CVECVE-2026-26740
SeverityHIGH
TypeUPDATED
PublishedWed, Mar 18 · 06:16 PM CDT
ModifiedTue, Jul 07 · 12:16 PM CDT
Wed, Apr 15 · 07:16 PM CDTCVE-2026-34632
8.2/10 · Worth your timeNVDvuln
Summary
Adobe Photoshop Installer was affected by an Uncontrolled Search Path Element vulnerability that could have resulted in arbitrary code execution in the context of the current user. A low-privileged local attacker could have exploited this vulnerability by manipulating the search path used by the application to locate c
CVECVE-2026-34632
SeverityHIGH
TypeUPDATED
PublishedWed, Apr 15 · 07:16 PM CDT
ModifiedWed, Jul 08 · 12:22 AM CDT
Mon, Apr 06 · 04:16 PM CDTCVE-2026-34982
8.2/10 · Worth your timeNVDvuln
Summary
Vim is an open source, command line text editor. Prior to version 9.2.0276, a modeline sandbox bypass in Vim allows arbitrary OS command execution when a user opens a crafted file. The `complete`, `guitabtooltip` and `printheader` options are missing the `P_MLE` flag, allowing a modeline to be executed. Additionally, t
CVECVE-2026-34982
SeverityHIGH
TypeUPDATED
PublishedMon, Apr 06 · 04:16 PM CDT
ModifiedTue, Jul 07 · 12:16 PM CDT
Tue, Apr 28 · 11:16 PM CDTCVE-2026-42167
8.1/10 · Worth your timeNVDvuln
Summary
mod_sql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands (e.g., COPY TO PROGRAM).
CVECVE-2026-42167
SeverityHIGH
TypeUPDATED
PublishedTue, Apr 28 · 11:16 PM CDT
ModifiedWed, Jul 08 · 03:26 AM CDT
Tue, Aug 21 · 07:29 PM CDTCVE-2018-10902
7.8/10 · Worth your timeNVDvuln
Summary
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for priv
CVECVE-2018-10902
SeverityHIGH
TypeUPDATED
PublishedTue, Aug 21 · 07:29 PM CDT
ModifiedTue, Jul 07 · 03:16 PM CDT
Wed, May 18 · 03:15 PM CDTCVE-2022-30065
7.8/10 · Worth your timeNVDvuln
Summary
A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.
CVECVE-2022-30065
SeverityHIGH
TypeUPDATED
PublishedWed, May 18 · 03:15 PM CDT
ModifiedTue, Jul 07 · 07:16 PM CDT
Tue, Oct 08 · 06:15 PM CDTCVE-2024-43590
7.8/10 · Worth your timeNVDvuln
Summary
Visual C++ Redistributable Installer Elevation of Privilege Vulnerability
CVECVE-2024-43590
SeverityHIGH
TypeUPDATED
PublishedTue, Oct 08 · 06:15 PM CDT
ModifiedTue, Jul 07 · 03:55 PM CDT