Recent vulnerabilities
Recent vulnerabilities from
Select from 70 available sources using the dropdown above.
| ID | Severity | Description | Published | Updated |
|---|---|---|---|---|
| ghsa-r8mh-x5qv-7gg2 |
8.1 (3.1)
9.2 (4.0)
|
libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ss… | 2026-06-17T21:34:39Z | 2026-06-17T21:34:39Z |
| ghsa-pvj2-mj22-xxmq |
6.5 (3.1)
7.1 (4.0)
|
Typemill before 2.24.0 contains a path traversal vulnerability that allows authenticated attackers … | 2026-06-17T21:34:39Z | 2026-06-17T21:34:39Z |
| ghsa-p3h9-73g9-x6m3 |
9.1 (3.1)
9.3 (4.0)
|
Tinyproxy through 1.11.3, fixed in commit 364cdb6, fails to reject requests containing multiple Con… | 2026-06-17T21:34:39Z | 2026-06-17T21:34:39Z |
| ghsa-gx48-gh32-62q5 |
8.1 (3.1)
8.6 (4.0)
|
When NGINX Plus or NGINX Open Source is configured as the data plane for NGINX Gateway Fabric, an i… | 2026-06-17T21:34:39Z | 2026-06-17T21:34:39Z |
| ghsa-fpgm-mcvj-627x |
6.8 (3.1)
7.4 (4.0)
|
Evil-WinRM through 3.9, fixed in commit 6ecd570, contains a path traversal vulnerability in the dow… | 2026-06-17T21:34:39Z | 2026-06-17T21:34:39Z |
| ghsa-f33v-8wrm-6584 |
8.2 (3.1)
8.8 (4.0)
|
Tinyproxy through 1.11.3, fixed in commit 09312a1, fails to properly validate the Host header durin… | 2026-06-17T21:34:39Z | 2026-06-17T21:34:39Z |
| ghsa-9667-7p67-2364 |
9.1 (3.1)
9.3 (4.0)
|
Tinyproxy through 1.11.3, fixed in commit ff45d3b, fails to reconcile conflicting Content-Length an… | 2026-06-17T21:34:39Z | 2026-06-17T21:34:39Z |
| ghsa-3cfq-4xx4-rmpg |
5.9 (3.1)
8.2 (4.0)
|
libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vu… | 2026-06-17T21:34:39Z | 2026-06-17T21:34:39Z |
| ghsa-vh3x-jr27-wpwh |
6.5 (3.1)
7.1 (4.0)
|
When NGINX Gateway Fabric is configured using GRPCRoutes, an authenticated, remote attacker with pe… | 2026-06-17T21:34:38Z | 2026-06-17T21:34:38Z |
| ghsa-qwrm-7225-vjff |
7.3 (3.1)
6.9 (4.0)
|
A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI P… | 2026-06-17T21:34:38Z | 2026-06-17T21:34:38Z |
| ghsa-qqcv-fjfg-8rp6 |
5.9 (4.0)
|
Sonatype Nexus Repository Manager before 3.93.0 contains an authorization vulnerability in the prox… | 2026-06-17T21:34:38Z | 2026-06-17T21:34:38Z |
| ghsa-pf84-mfp6-qcgg |
7.5 (3.1)
|
Use of an incorrectly resolved name or reference in the pinget backend in Devolutions UniGetUI 202… | 2026-06-17T21:34:38Z | 2026-06-17T21:34:38Z |
| ghsa-p4qf-rxqh-8x9m |
4.3 (3.1)
|
In ImsMediaBitReader::ReadByteBuffer, there is a possible OOB read due to a missing bounds check. T… | 2026-06-16T21:32:01Z | 2026-06-17T21:34:38Z |
| ghsa-hm6m-fqm4-j6w8 |
3.3 (3.1)
|
In Camera, there is a possible unauthorized way to access photos due to a missing permission check.… | 2026-06-16T21:32:01Z | 2026-06-17T21:34:38Z |
| ghsa-cpcp-57xw-48rv |
8.1 (3.1)
8.6 (4.0)
|
Hermes WebUI before 0.51.368 contains an authorization bypass vulnerability in the get_profile_cook… | 2026-06-17T21:34:38Z | 2026-06-17T21:34:38Z |
| ghsa-99f9-j8r3-p853 |
5.5 (3.1)
6.8 (4.0)
|
Hermes Agent before 0.16.0 creates response_store.db and webhook_subscriptions.json with world-read… | 2026-06-17T21:34:38Z | 2026-06-17T21:34:38Z |
| ghsa-9968-j665-2mww |
4.3 (3.1)
|
In RtcpHeader::decodeRtcpHeader, there is a possible OOB read due to a missing bounds check. This c… | 2026-06-16T21:32:01Z | 2026-06-17T21:34:38Z |
| ghsa-7p36-fq2r-4h7r |
7.2 (3.1)
8.6 (4.0)
|
Pimcore CMS/DXP version 12.3.8 contains a sandbox bypass vulnerability that allows authenticated ad… | 2026-06-17T21:34:38Z | 2026-06-17T21:34:38Z |
| ghsa-5wqv-fhmr-pjgh |
6.5 (3.1)
7.1 (4.0)
|
Hermes WebUI before 0.51.443 contains a broken access control vulnerability in the /api/session end… | 2026-06-17T21:34:38Z | 2026-06-17T21:34:38Z |
| ghsa-5j37-rf54-82q2 |
9.1 (3.1)
9.1 (4.0)
|
Hermes WebUI before 0.51.409 contains an authentication bypass vulnerability in passkey registratio… | 2026-06-17T21:34:38Z | 2026-06-17T21:34:38Z |
| ghsa-4pqm-j46f-795x |
7.5 (3.1)
8.7 (4.0)
|
Hermes Agent before 0.16.0 contains a DNS rebinding vulnerability in WebSocket endpoints that allow… | 2026-06-17T21:34:38Z | 2026-06-17T21:34:38Z |
| ghsa-42ch-w3xc-h9xw |
5.7 (3.1)
|
In several functions of the RTCP packet decoder, there is a possible out-of-bounds read due to a mi… | 2026-06-16T21:32:01Z | 2026-06-17T21:34:38Z |
| ghsa-34j3-4jpj-gx6q |
6.5 (3.1)
7.1 (4.0)
|
Hermes WebUI before 0.51.443 contains an authorization bypass vulnerability in the session export e… | 2026-06-17T21:34:38Z | 2026-06-17T21:34:38Z |
| ghsa-m789-mmmh-7vqc |
8.8 (3.1)
|
A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerabilit… | 2026-06-10T21:31:41Z | 2026-06-17T21:34:32Z |
| ghsa-jx39-26rr-cwqp |
5.5 (3.1)
|
An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawable… | 2026-06-05T12:31:46Z | 2026-06-17T21:34:32Z |
| ghsa-c83q-p66f-qr9p |
7.8 (3.1)
|
An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuf… | 2026-06-05T12:31:46Z | 2026-06-17T21:34:32Z |
| ghsa-7ww4-jpp4-x9fw |
7.8 (3.1)
|
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks()… | 2026-06-05T12:31:46Z | 2026-06-17T21:34:32Z |
| ghsa-7j37-rf7v-jf5c |
7.8 (3.1)
|
A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that … | 2026-06-05T12:31:46Z | 2026-06-17T21:34:32Z |
| ghsa-74fp-pmv2-rh3f |
7.8 (3.1)
|
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has m… | 2026-06-05T12:31:46Z | 2026-06-17T21:34:32Z |
| ghsa-5p7p-jgvj-4v95 |
7.8 (3.1)
|
A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence(). A clien… | 2026-06-05T12:31:46Z | 2026-06-17T21:34:32Z |