63 matches found
CVE-2026-10894 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-10894
An use after free flaw was found in the Printing component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513445101...
SUSE CVE-2026-10894
Use after free in Printing in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-10894
creationtimestamp| type| source ---|---|--- 2026-06-05 13:23:26+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918 2026-06-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260608 2026-06-07 18:00:00+00:00| seen|...
CVE-2025-10894
creationtimestamp| type| source ---|---|--- 2025-09-25 05:23:19+00:00| seen| https://gist.github.com/Darkcrai86/2755052cf43db2d8afc28fee4f30321a...
CVE-2025-10894
Malicious code was inserted into the Nx build system package and several related plugins. The tampered package was published to the npm software registry, via a supply-chain attack. Affected versions contain code that scans the file system, collects credentials, and posts them to GitHub as a repo...
CVE-2025-10894
Malicious code was inserted into the Nx build system package and several related plugins. The tampered package was published to the npm software registry, via a supply-chain attack. Affected versions contain code that scans the file system, collects credentials, and posts them to GitHub as a repo...
@anarchitects/nx-js (>=0.0.1 <=0.0.3), @asd14/eslint-config (>=11.0.0 <=14.4.0) +76 more potentially affected by CVE-2025-10894 via nx (>=21.5.1-beta.3 <=21.7.0-canary.20250930-e144408)
nx NPM version =21.5.1-beta.3, =0.0.1, =11.0.0, =0.52.0, =2.23.0, =1.4.0, =3.1.1, =1.0.0, =6.10.0, =0.1.0-next.717, =9.0.0, =1.0.0, =0.0.1-alpha.7, =2.1.0 and more Source cves: CVE-2025-10894 Source advisory: OSV:MAL-2025-41443...
@10xsai/cloudflare-router-nx-plugin (=1.0.0), @akanjs/test (>=0.0.47 <=0.0.73) +115 more potentially affected by CVE-2025-10894 via @nx/workspace (>=20.0.0-beta.0 <=20.9.0-canary.20250415-bc685ce)
@nx/workspace NPM version =20.0.0-beta.0, =0.0.47, =0.0.2, =0.0.0, =1.0.0, =1.0.0, =0.5.0, =1.8.2, =3.1.0, =0.0.1, =0.0.4 and more Source cves: CVE-2025-10894 Source advisory: SNYK:JS-NXWORKSPACE-12205641...
@aws/nx-plugin (>=0.21.0 <=0.51.4), @caliobase/caliobase-nx (>=0.3.53 <=0.3.61) +49 more potentially affected by CVE-2025-10894 via @nx/workspace (>=21.0.0-beta.0 <=21.5.0-canary.20250904-2c678a1)
@nx/workspace NPM version =21.0.0-beta.0, =0.21.0, =0.3.53, =1.1.1, =2.1.1, =2.1.1, =2.1.1, =2.1.1, =0.0.1, =0.0.3, =0.0.1, =0.0.3, =0.0.3, =0.3.3 and more Source cves: CVE-2025-10894 Source advisory: SNYK:JS-NXWORKSPACE-12205641...
@apj-pace/pace-nx-plugin (>=0.0.2 <=0.0.5), @aws/nx-plugin (>=0.0.0 <=0.1.5) +59 more potentially affected by CVE-2025-10894 via nx (>=20.0.0-beta.0 <=20.0.9)
nx NPM version =20.0.0-beta.0, =0.0.2, =0.0.0, =0.5.0, =0.0.1, =20.0.0-beta.0, =20.0.0-beta.0, =20.0.0-beta.0, =20.0.0-beta.0, =20.0.0-beta.0, =20.0.0-beta.0, =20.0.0-beta.0, =20.0.0-beta.0, =20.0.0-canary.20240926-529ab94 and more Source cves: CVE-2025-10894 Source advisory: SNYK:JS-NX-12205542...
@abelfubu/schematics (=0.1.1), @anarchitects/nx-js (>=0.0.1 <=0.0.3) +118 more potentially affected by CVE-2025-10894 via nx (>=21.0.0-beta.0 <=21.7.0-canary.20250930-e144408)
nx NPM version =21.0.0-beta.0, =0.0.1, =11.0.0, =0.21.0, =0.0.1, =2.23.0, =0.3.53, =0.0.5, =0.0.4, =1.3.0, =0.0.1, =0.0.1-alpha.4 and more Source cves: CVE-2025-10894 Source advisory: SNYK:JS-NX-12205542...
@10xsai/cloudflare-router-nx-plugin (=1.0.0), @akanjs/cli (>=0.0.38 <=0.0.73) +452 more potentially affected by CVE-2025-10894 via @nx/devkit (>=20.0.0-beta.0 <=20.9.0-canary.20250415-bc685ce)
@nx/devkit NPM version =20.0.0-beta.0, =0.0.38, =0.0.38, =0.0.47, =0.0.1, =0.1.0, =8.1.1, =0.0.2, =0.0.1, =0.0.0, =1.0.0, =0.0.12-beta.1, =0.0.1, =0.0.3 and more Source cves: CVE-2025-10894 Source advisory: SNYK:JS-NXDEVKIT-12205635...
@naxodev/nx-cloudflare (>=4.0.0 <=4.0.2), @nestjs-mod/schematics (>=2.12.0 <=2.13.2) +9 more potentially affected by CVE-2025-10894 via @nx/node (>=20.0.0-beta.0 <=20.9.0-canary.20250415-bc685ce)
@nx/node NPM version =20.0.0-beta.0, =4.0.0, =2.12.0, =20.0.0-beta.0, =20.0.0-beta.0, =20.0.0-beta.0, =20.0.0, =20.0.0, =0.2.0, =20.0.0, =20.2.1-dev.3 - @terrxo/nx-cloudflare =4.0.1 - @ziacik/azure-func =4.0.0 Source cves: CVE-2025-10894 Source advisory: SNYK:JS-NXNODE-12205640...
@aws/nx-plugin (>=0.21.0 <=0.51.4), @caliobase/caliobase-nx (>=0.3.53 <=0.3.61) +47 more potentially affected by CVE-2025-10894 via @nx/js (>=21.0.0-beta.0 <=21.5.0-canary.20250904-2c678a1)
@nx/js NPM version =21.0.0-beta.0, =0.21.0, =0.3.53, =1.1.1, =2.1.1, =2.1.1, =2.1.1, =2.1.1, =0.0.1, =0.0.3, =0.0.1, =0.0.3, =0.0.3, =0.3.3 and more Source cves: CVE-2025-10894 Source advisory: SNYK:JS-NXJS-12205638...
@abelfubu/schematics (>=0.0.3 <=0.1.1), @alfresco/aca-generators (>=1.0.2 <=1.0.4) +115 more potentially affected by CVE-2025-10894 via @nx/devkit (>=21.0.0-beta.0 <=21.5.0-canary.20250904-2c678a1)
@nx/devkit NPM version =21.0.0-beta.0, =0.0.3, =1.0.2, =1.0.0, =1.0.2, =0.0.11, =0.21.0, =0.0.1, =0.3.53, =0.0.5, =0.0.4, =9.0.2, =9.1.0 - @eumentis/nx-plugin =1.3.0 and more Source cves: CVE-2025-10894 Source advisory: SNYK:JS-NXDEVKIT-12205635...
CVE-2016-10894
xtrlock through 2.10 does not block multitouch events. Consequently, an attacker at a locked screen can send input to and thus control various programs such as Chromium via events such as pan scrolling, "pinch and zoom" gestures, or even regular mouse clicks by depressing the touchpad once and th...
CVE-2024-10894 Payment Forms for Paystack <= 4.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Payment Forms for Paystack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes like 'datepicker', 'textarea', and 'text' in all versions up to, and including, 4.0.2 due to insufficient input sanitization and output escaping on user supplied attributes...
CVE-2024-10894 Payment Forms for Paystack <= 4.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Payment Forms for Paystack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes like 'datepicker', 'textarea', and 'text' in all versions up to, and including, 4.0.2 due to insufficient input sanitization and output escaping on user supplied attributes...
K000150338: Wireshark/tshark vulnerabilities CVE-2019-10899, CVE-2019-10896, CVE-2019-10895, CVE-2019-10894, and CVE-2018-9263
Security Advisory Description CVE-2019-10899 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read. CVE-2019-10896 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7,...