Aggregator

A vulnerability classified as critical was found in EXFO BV-10 Performance Endpoint Unit. Affected is an unknown function. Such manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2022-39184. The attack can be launched remotely. No exploit exists.

A vulnerability was found in BlueZ up to 5.58. It has been declared as problematic. This impacts an unknown function of the file profiles/audio/avdtp.c. Executing a manipulation can lead to denial of service. This vulnerability is handled as CVE-2022-39177. The physical device can be targeted for the attack. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability marked as critical has been reported in HC Mingham-Smith Tardis 2000 1.6. The impacted element is an unknown function. The manipulation leads to improper privilege management. This vulnerability is traded as CVE-2022-39182. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability was found in SAML Auth Plugin on Moodle and classified as problematic. This vulnerability affects unknown code. The manipulation results in open redirect. This vulnerability is identified as CVE-2022-39183. The attack can be executed remotely. There is not any exploit available.

A vulnerability was found in BlueZ up to 5.58. It has been classified as problematic. This affects the function params_len of the file profiles/audio/avrcp.c. Performing a manipulation results in information disclosure. This vulnerability is known as CVE-2022-39176. The attack may be carried out on the physical device. No exploit is available. Upgrading the affected component is recommended.

A vulnerability identified as problematic has been detected in Vmware Spring Framework up to 5.3.48/6.1.27/6.2.18/7.0.7. Impacted is an unknown function of the component Static Resource Cache/WebFlux. This manipulation causes use of cache containing sensitive information. This vulnerability is registered as CVE-2026-41841. Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Vmware Spring Framework up to 5.3.48/6.1.27/6.2.18/7.0.7. Affected by this issue is some unknown functionality. Such manipulation leads to resource consumption. This vulnerability is uniquely identified as CVE-2026-41842. The attack can be launched remotely. No exploit exists. You should upgrade the affected component.

A vulnerability has been found in Vmware Spring Framework up to 5.3.48/6.1.27/6.2.18/7.0.7 and classified as critical. This affects an unknown part of the component Versioned Static Resource Handler. Performing a manipulation results in path traversal. This vulnerability was named CVE-2026-41843. The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.

A vulnerability was found in Vmware Spring HATEOAS up to 1.5.6/2.3.4/2.4.1/2.5.2/3.0.3. It has been rated as critical. The affected element is an unknown function of the component Collection+JSON/UBER. This manipulation causes improper access controls. This vulnerability is tracked as CVE-2026-41006. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is advised.

A vulnerability categorized as problematic has been discovered in Vmware Spring HATEOAS up to 1.5.6/2.3.4/2.4.1/2.5.2/3.0.3. The impacted element is an unknown function of the component StringLinkRelation Handler. Such manipulation leads to allocation of resources. This vulnerability is listed as CVE-2026-41007. The attack may be performed from remote. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability identified as problematic has been detected in Vmware Spring REST Docs up to 3.0.5/4.0.0. This affects an unknown function of the component Remote API. This manipulation causes xml external entity reference. This vulnerability is registered as CVE-2026-40991. Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.

A vulnerability was found in Vmware Spring for Apache Kafka up to 2.8.11/2.9.13/3.2.13/3.3.15/4.0.5. It has been declared as problematic. This affects an unknown function of the component DelegatingDeserializer. The manipulation results in allocation of resources. This vulnerability is identified as CVE-2026-41726. The attack can be executed remotely. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Vmware Spring for Apache Kafka up to 2.8.11/2.9.13/3.2.13/3.3.15/4.0.5. It has been rated as problematic. This impacts an unknown function of the component Retry Topic Infrastructure. This manipulation causes denial of service. This vulnerability is tracked as CVE-2026-41727. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is advised.

A vulnerability marked as problematic has been reported in Vmware Spring AMQP up to 2.4.17/3.1.15/3.2.10/4.0.3. This affects the function RabbitConnectionFactoryBean.setUri. The manipulation leads to improper certificate validation. This vulnerability is documented as CVE-2026-41714. The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability marked as critical has been reported in zephyrproject zephyr up to 4.4.x. Impacted is the function recvmsg of the file subsys/net/lib/sockets/sockets_inet.c of the component Supervisor Mode. Performing a manipulation results in out-of-bounds write. This vulnerability is identified as CVE-2026-10643. The attack is only possible with local access. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability classified as problematic was found in nmedia Frontend File Manager Plugin up to 23.6 on WordPress. Impacted is the function sanitize_key of the file wp-config.php of the component AJAX Handler. Executing a manipulation of the argument wpfm_dir_path can lead to file inclusion. This vulnerability is registered as CVE-2026-8095. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.

A vulnerability, which was classified as critical, has been found in FFmpeg. The affected element is an unknown function of the file libavcodec/rasc.c of the component Media Handler. The manipulation leads to out-of-bounds write. This vulnerability is documented as CVE-2026-58049. The attack can be initiated remotely. Additionally, an exploit exists. Applying a patch is the recommended action to fix this issue.

A vulnerability was found in libssh2 up to 1.11.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component SSH Handler. Executing a manipulation can lead to integer overflow. This vulnerability is handled as CVE-2026-58050. The attack can be executed remotely. Additionally, an exploit exists.