Chromium: CVE-2026-10020 Insufficient validation of untrusted input in Skia

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

SUSE CVE-2026-10020

Insufficient validation of untrusted input in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

Linux Distros Unpatched Vulnerability : CVE-2026-10020

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the rendere...

CVE-2026-10020

Insufficient validation of untrusted input in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-10020

creationtimestamp| type| source ---|---|--- 2026-05-28 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260529 2026-05-28 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260529...

CVE-2025-10020

creationtimestamp| type| source ---|---|--- 2025-10-21 12:49:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m3pekra4bk2f 2025-10-21 13:14:01+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115412332758363701...

CVE-2025-10020 Command Injection

Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command injection vulnerability in the Custom Script component...

EUVD-2019-10020

Malware in sbrugna...

CVE-2012-10020 FoxyPress <= 0.4.2.1 - Arbitrary File Upload

The FoxyPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadify.php file in versions up to, and including, 0.4.2.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may...

WordPress FoxyPress plugin <= 0.4.2.1 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by WordFence in WordPress Plugin Foxypress versions 0.4.2.2...

CVE-2015-10020

A vulnerability has been found in ssn2013 cis450Project and classified as critical. This vulnerability affects the function addUser of the file HeatMapServer/src/com/datformers/servlet/AddAppUser.java. The manipulation leads to sql injection. The name of the patch is...

CVE-2024-10020

The Heateor Social Login WordPress plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.1.35. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log i...

CVE-2024-10020

creationtimestamp| type| source ---|---|--- 2024-11-06 06:48:17+00:00| seen| https://infosec.exchange/users/cve/statuses/113434669656961794 2024-11-06 06:51:29+00:00| seen| https://infosec.exchange/users/cve/statuses/113434682244741631 2024-11-06 09:08:42+00:00| seen| https://t.me/cvedetector/999...

CVE-2024-10020

CVE-2024-10020 — Heateor Social Login WordPress plugin suffers an authentication bypass in all versions up to 1.1.35 due to insufficient verification of the user returned by the social login token. This allows unauthenticated attackers to log in as an existing user on the site (provided they have...

CVE-2024-10020 Heateor Social Login WordPress <= 1.1.35 - Authentication Bypass via Disqus OAuth provider

The Heateor Social Login WordPress plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.1.35. This is due to insufficient verification on the user being returned by the social login token. This makes it possible for unauthenticated attackers to log i...

WordPress Heateor Social Login Plugin <= 1.1.35 is vulnerable to Broken Authentication

Software Heateor Social Login Type Plugin Vulnerable versions = 1.1.35 Fixed in 1.1.36 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-10020 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 0cb2e3c4d2f1 Credits...

CVE-2013-10020

MMDeveloper A Forms Plugin for WordPress (up to version 1.4.2) contains a cross-site scripting vulnerability in an unknown area of a-forms.php. The issue can be exploited remotely and upgrading to version 1.4.3 addresses it (patch identifier 3e693197bd69b7173cc16d8d2e0a7d501a2a0b06; VDB-222609). ...

SUSE CVE-2019-10020

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function Splash::scaleImageYuXu at Splash.cc for x Bresenham parameters...

CVE-2020-10020

This CVE entry is rejected/not used and does not represent an active vulnerability entry.

CVE-2020-10020

...