Lucene search
K

33 matches found

Wolfi
Wolfi
added 5 days ago8 views

CVE-2025-10535 vulnerabilities

Vulnerabilities for packages: firefox...

7.5CVSS7.1AI score0.00293EPSS
Exploits0
Circl
Circl
added 2026/04/13 5:58 p.m.7 views

CVE-2025-10535

creationtimestamp| type| source ---|---|--- 2026-04-13 17:58:03+00:00| seen| Telegram/PvZD5YcMZj48r083VHwgZVfyAkWlDNaqDYlcGIZPQjhAu9s...

7.5CVSS4.7AI score0.00293EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 9:51 a.m.4 views

CVE-2020-10535

GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote attackers to bypass email domain restrictions within the two-day grace period for an unconfirmed email address...

5.3CVSS6.8AI score0.01016EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/09/16 11:26 p.m.3 views

SUSE CVE-2025-10535

Information disclosure, mitigation bypass in the Privacy component in Firefox for Android. This vulnerability was fixed in Firefox 143...

7.5CVSS5.7AI score0.00293EPSS
Exploits0References3
NVD
NVD
added 2025/09/16 1:15 p.m.2 views

CVE-2025-10535

Information disclosure, mitigation bypass in the Privacy component in Firefox for Android. This vulnerability was fixed in Firefox 143...

7.5CVSS0.00293EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/16 12:26 p.m.1 views

CVE-2025-10535 Information disclosure, mitigation bypass in the Privacy component in Firefox for Android

Information disclosure, mitigation bypass in the Privacy component in Firefox for Android. This vulnerability was fixed in Firefox 143...

5.7AI score0.00293EPSS
Exploits0References2
CVE
CVE
added 2025/09/16 12:26 p.m.30 views

CVE-2025-10535

CVE-2025-10535 describes an information-disclosure and mitigation-bypass vulnerability in the Privacy component of Firefox for Android, affecting Firefox versions older than 143. The issue is cited across multiple security feeds and Nessus plugins as part of the Firefox

7.5CVSS5.7AI score0.00293EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 4:15 a.m.11 views

CVE-2019-10535

Improper validation for loop variable received from firmware can lead to out of bound access in WLAN function while iterating through loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

5.5CVSS7.7AI score0.0017EPSS
Exploits0References1
OSV
OSV
added 2024/11/06 7:15 a.m.6 views

CVE-2024-10535

The Video Gallery for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the removeunusedthumbnails function in all versions up to, and including, 1.31. This makes it possible for unauthenticated attackers to delete thumbnails ...

5.3CVSS6.6AI score
Exploits0References3
CVE
CVE
added 2024/11/06 6:43 a.m.50 views

CVE-2024-10535

The CVE-2024-10535 entry concerns the Video Gallery for WooCommerce plugin for WordPress. Multiple connected sources confirm affected software and root cause: versions up to and including 1.31 are vulnerable due to a missing capability check in the remove_unused_thumbnails() function, enabling un...

5.3CVSS5.1AI score0.00391EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/11/05 12:0 a.m.13 views

WordPress Video Gallery for WooCommerce Plugin <= 1.31 is vulnerable to Broken Access Control

Software Video Gallery for WooCommerce Type Plugin Vulnerable versions = 1.31 Fixed in 1.32 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10535 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID fc5201d78d06 Credits incognito Require...

5.3CVSS5.3AI score0.00391EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2020/03/12 10:25 p.m.97 views

CVE-2020-10535

GitLab 12.8.x before 12.8.6 allows remote attackers to bypass email domain restrictions within a two‑day grace period for an unconfirmed email address when sign‑up is enabled. This is a direct bypass of domain controls in the signup flow. No exploitation details are provided in the sources beyond...

5.3CVSS5.1AI score0.01016EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2020/03/12 10:25 p.m.24 views

CVE-2020-10535

Removed by vendor...

5.3CVSS6AI score0.01016EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2020/03/12 12:0 a.m.21 views

CVE-2020-10535

GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote attackers to bypass email domain restrictions within the two-day grace period for an unconfirmed email address. Recent assessments: ericalexanderorg at March 16, 2020 3:55pm UTC reported: Not enough details to fully assess ATM bu...

5.3CVSS1.2AI score0.01016EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.43 views

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2019-1019)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.03467EPSS
Exploits5References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.42 views

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2019-1377)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.03467EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.49 views

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2019-1219)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.9AI score0.03467EPSS
Exploits4References2
RedhatCVE
RedhatCVE
added 2019/12/23 9:25 p.m.30 views

CVE-2018-10535

The ignoresectionsym function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, does not validate the outputsection pointer in the case of a symtab entry with a "SECTION" type that has a "0" value, which allows remote attackers to cause a denial o...

5.5CVSS5.5AI score0.02236EPSS
Exploits0References1
CVE
CVE
added 2019/11/21 2:38 p.m.63 views

CVE-2019-10535

CVE-2019-10535 affects Qualcomm Snapdragon WLAN host components across multiple Snapdragon lineups (e.g., APQ8053, APQ8096AU, SDX20, MSM9xxx, QCA6574AU, etc.). The root cause is improper validation of a loop variable received from firmware, which can cause out-of-bounds access while the WLAN host...

5.5CVSS5.7AI score0.0017EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/11/21 2:38 p.m.30 views

CVE-2019-10535

Improper validation for loop variable received from firmware can lead to out of bound access in WLAN function while iterating through loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

5.7AI score0.0017EPSS
Exploits0References1
Rows per page
Query Builder