39 matches found
CVE-2026-10008 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-10008
Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
CVE-2026-10008
creationtimestamp| type| source ---|---|--- 2026-05-28 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260529 2026-05-28 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260529 2026-05-29...
CVE-2020-10008
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.0.1. A malicious application with root privileges may be able to access private information...
CVE-2025-10008
creationtimestamp| type| source ---|---|--- 2025-10-30 07:30:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m4fgwo7enc2n 2025-10-30 07:35:33+00:00| seen| https://gist.github.com/Darkcrai86/76daa1559d7059a9f4226d38dfd0e6c4...
CVE-2025-10008
The Translate WordPress and go Multilingual – Weglot plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'cleanoptions' function in all versions up to, and including, 5.1. This makes it possible for unauthenticated attackers to delete limited...
WordPress Weglot Translate plugin <= 5.1 - Missing Authorization to Unauthenticated Limited Transient Deletion vulnerability
Missing Authorization to Unauthenticated Limited Transient Deletion vulnerability discovered by Nguyen Ngoc Quang Bach maysbachs in WordPress Plugin Weglot Translate versions = 5.1...
CVE-2011-10008 MPlayer Lite r33064 M3U Stack-Based Buffer Overflow
A stack-based buffer overflow vulnerability exists in MPlayer Lite r33064 due to improper bounds checking when handling M3U playlist files containing long http:// URL entries. An attacker can craft a malicious .m3u file with a specially formatted URL that triggers a stack overflow when processed ...
CVE-2015-10008
UNSUPPORTED WHEN ASSIGNED A vulnerability was found in 82Flex WEIPDCRM. It has been classified as critical. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The identifier of the patch is 43bad79392332fa39e31b95268e76fbda9fec3a...
CVE-2024-10008
creationtimestamp| type| source ---|---|--- 2024-10-29 08:04:36+00:00| seen| https://t.me/cvedetector/9245...
CVE-2024-10008
The Masteriyo LMS – eLearning and Online Course Builder for WordPress plugin for WordPress is vulnerable to unauthorized user profile modification due to missing authorization checks on the /wp-json/masteriyo/v1/users/$id REST API endpoint in all versions up to, and including, 1.13.3. This makes ...
CVE-2024-10008
The Masteriyo LMS – eLearning and Online Course Builder for WordPress plugin for WordPress is vulnerable to unauthorized user profile modification due to missing authorization checks on the /wp-json/masteriyo/v1/users/$id REST API endpoint in all versions up to, and including, 1.13.3. This makes ...
WordPress Masteriyo - LMS Plugin <= 1.13.3 is vulnerable to Privilege Escalation
Software Masteriyo - LMS Type Plugin Vulnerable versions = 1.13.3 Fixed in 1.13.4 OWASP Top 10 A5: Broken Access Control Classification Privilege Escalation CVE CVE-2024-10008 Patch priority Medium CVSS severity Medium 8.8 Developer Masteriyo PSID c25147bb0430 Credits floerer Required privilege...
CVE-2012-10008
The CVE-2012-10008 vulnerability affects uakfdotb oneapp and is described as a critical SQL injection vulnerability that can be triggered remotely. The affected component/processing is not fully specified in the initial document, and there is no versioning information for affected releases. A pat...
CVE-2010-10008
Summary: CVE-2010-10008 affects the simplesamlphp-module-openidprovider component (versions up to 0.8.x). The issue is a cross-site scripting flaw in the templates/trust.tpl.php file triggered by manipulation of the StateID argument. Exploitation can be remote. The publicly documented remediation...
CVE-2013-10008
creationtimestamp| type| source ---|---|--- 2023-01-07 00:24:38+00:00| seen| https://t.me/cibsecurity/56082...
CVE-2013-10008
CVE-2013-10008 affects the sheilazpy eShop application. A vulnerability exists where manipulation of an unknown function leads to a SQL injection, described as critical. The fix is identified by patch/file hash e096c5849c4dc09e1074104531014a62a5413884. Public references indicate this vulnerabilit...
CVE-2013-10008 sheilazpy eShop sql injection
A vulnerability was found in sheilazpy eShop. It has been classified as critical. Affected is an unknown function. The manipulation leads to sql injection. The name of the patch is e096c5849c4dc09e1074104531014a62a5413884. It is recommended to apply a patch to fix this issue. The identifier of th...
CVE-2015-10008
creationtimestamp| type| source ---|---|--- 2023-01-02 14:30:50+00:00| seen| https://t.me/cibsecurity/55736 2025-04-10 20:49:58+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11354...
CVE-2015-10008 82Flex WEIPDCRM sql injection
UNSUPPORTED WHEN ASSIGNED A vulnerability was found in 82Flex WEIPDCRM. It has been classified as critical. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The identifier of the patch is 43bad79392332fa39e31b95268e76fbda9fec3a...