Total
358423 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-28554 | 1 Gvectors | 1 Wpforo Forum | 2026-06-17 | N/A | 4.3 MEDIUM |
| wpForo Forum 2.4.14 contains a missing authorization vulnerability that allows authenticated subscribers to approve or unapprove any forum post via the wpforo_approve_ajax AJAX handler. Attackers exploit the nonce-only check by submitting a valid nonce with an arbitrary post ID to bypass moderation controls entirely. | |||||
| CVE-2026-28552 | 1 Huawei | 2 Emui, Harmonyos | 2026-06-17 | N/A | 6.5 MEDIUM |
| Out-of-bounds write vulnerability in the IMS module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2026-28551 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 4.7 MEDIUM |
| Race condition vulnerability in the device security management module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2026-28550 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 4.0 MEDIUM |
| Race condition vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2026-28549 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 6.6 MEDIUM |
| Race condition vulnerability in the permission management service. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2026-28548 | 1 Huawei | 2 Emui, Harmonyos | 2026-06-17 | N/A | 7.1 HIGH |
| Vulnerability of improper verification in the email application. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2026-28547 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 6.8 MEDIUM |
| Vulnerability of uninitialized pointer access in the scanning module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2026-28546 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 5.9 MEDIUM |
| Buffer overflow vulnerability in the scanning module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2026-28545 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 5.9 MEDIUM |
| Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2026-28544 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 6.2 MEDIUM |
| Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2026-28543 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 4.4 MEDIUM |
| Race condition vulnerability in the maintenance and diagnostics module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2026-28542 | 1 Huawei | 2 Emui, Harmonyos | 2026-06-17 | N/A | 7.3 HIGH |
| Permission bypass vulnerability in the system service framework. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2026-28541 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 4.0 MEDIUM |
| Permission control vulnerability in the cellular_data module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2026-28540 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 4.0 MEDIUM |
| Out-of-bounds character read vulnerability in Bluetooth. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2026-28539 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 6.2 MEDIUM |
| Data processing vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2026-28538 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 5.9 MEDIUM |
| Path traversal vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2026-28537 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 5.1 MEDIUM |
| Double free vulnerability in the window module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2026-28536 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 9.6 CRITICAL |
| Authentication bypass vulnerability in the device authentication module. Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality. | |||||
| CVE-2026-28518 | 1 Volcengine | 1 Openviking | 2026-06-17 | N/A | 7.8 HIGH |
| OpenViking versions 0.2.1 and prior, fixed in commit 46b3e76, contain a path traversal vulnerability in the .ovpack import handling that allows attackers to write files outside the intended import directory. Attackers can craft malicious ZIP archives with traversal sequences, absolute paths, or drive prefixes in member names to overwrite or create arbitrary files with the importing process privileges. | |||||
| CVE-2026-28517 | 1 Opendcim | 1 Opendcim | 2026-06-17 | N/A | 9.8 CRITICAL |
| openDCIM version 23.04, through commit 4467e9c4, contains an OS command injection vulnerability in report_network_map.php. The application retrieves the 'dot' configuration parameter from the database and passes it directly to exec() without validation or sanitization. If an attacker can modify the fac_Config.dot value, arbitrary commands may be executed in the context of the web server process. | |||||