Lucene search
K

63 matches found

Wolfi
Wolfi
added 2 days ago3 views

CVE-2026-10894 vulnerabilities

Vulnerabilities for packages: chromium...

8.3CVSS5.8AI score0.00286EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/07 4:32 a.m.8 views

CVE-2026-10894

An use after free flaw was found in the Printing component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513445101...

9CVSS5.4AI score0.00286EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/06 2:53 a.m.9 views

SUSE CVE-2026-10894

Use after free in Printing in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References3
Circl
Circl
added 2026/06/05 1:23 p.m.10 views

CVE-2026-10894

creationtimestamp| type| source ---|---|--- 2026-06-05 13:23:26+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918 2026-06-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260608 2026-06-07 18:00:00+00:00| seen|...

8.3CVSS5.3AI score0.00286EPSS
Exploits0References3
Circl
Circl
added 2025/09/25 5:23 a.m.2 views

CVE-2025-10894

creationtimestamp| type| source ---|---|--- 2025-09-25 05:23:19+00:00| seen| https://gist.github.com/Darkcrai86/2755052cf43db2d8afc28fee4f30321a...

9.6CVSS5.7AI score0.00527EPSS
Exploits0References1
OSV
OSV
added 2025/09/24 10:15 p.m.5 views

CVE-2025-10894

Malicious code was inserted into the Nx build system package and several related plugins. The tampered package was published to the npm software registry, via a supply-chain attack. Affected versions contain code that scans the file system, collects credentials, and posts them to GitHub as a repo...

9.6CVSS5.8AI score0.00527EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/09/23 4:55 p.m.3 views

CVE-2025-10894

Malicious code was inserted into the Nx build system package and several related plugins. The tampered package was published to the npm software registry, via a supply-chain attack. Affected versions contain code that scans the file system, collects credentials, and posts them to GitHub as a repo...

9.6CVSS7.1AI score0.00527EPSS
Exploits0References7
vulnersOsv
vulnersOsv
added 2025/08/27 11:12 p.m.3 views

@anarchitects/nx-js (>=0.0.1 <=0.0.3), @asd14/eslint-config (>=11.0.0 <=14.4.0) +76 more potentially affected by CVE-2025-10894 via nx (>=21.5.1-beta.3 <=21.7.0-canary.20250930-e144408)

nx NPM version =21.5.1-beta.3, =0.0.1, =11.0.0, =0.52.0, =2.23.0, =1.4.0, =3.1.1, =1.0.0, =6.10.0, =0.1.0-next.717, =9.0.0, =1.0.0, =0.0.1-alpha.7, =2.1.0 and more Source cves: CVE-2025-10894 Source advisory: OSV:MAL-2025-41443...

9.6CVSS5.7AI score0.00527EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/27 1:12 a.m.7 views

@10xsai/cloudflare-router-nx-plugin (=1.0.0), @akanjs/test (>=0.0.47 <=0.0.73) +115 more potentially affected by CVE-2025-10894 via @nx/workspace (>=20.0.0-beta.0 <=20.9.0-canary.20250415-bc685ce)

@nx/workspace NPM version =20.0.0-beta.0, =0.0.47, =0.0.2, =0.0.0, =1.0.0, =1.0.0, =0.5.0, =1.8.2, =3.1.0, =0.0.1, =0.0.4 and more Source cves: CVE-2025-10894 Source advisory: SNYK:JS-NXWORKSPACE-12205641...

9.6CVSS5.7AI score0.00527EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/27 1:12 a.m.12 views

@aws/nx-plugin (>=0.21.0 <=0.51.4), @caliobase/caliobase-nx (>=0.3.53 <=0.3.61) +49 more potentially affected by CVE-2025-10894 via @nx/workspace (>=21.0.0-beta.0 <=21.5.0-canary.20250904-2c678a1)

@nx/workspace NPM version =21.0.0-beta.0, =0.21.0, =0.3.53, =1.1.1, =2.1.1, =2.1.1, =2.1.1, =2.1.1, =0.0.1, =0.0.3, =0.0.1, =0.0.3, =0.0.3, =0.3.3 and more Source cves: CVE-2025-10894 Source advisory: SNYK:JS-NXWORKSPACE-12205641...

9.6CVSS5.7AI score0.00527EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/27 1:12 a.m.5 views

@apj-pace/pace-nx-plugin (>=0.0.2 <=0.0.5), @aws/nx-plugin (>=0.0.0 <=0.1.5) +59 more potentially affected by CVE-2025-10894 via nx (>=20.0.0-beta.0 <=20.0.9)

nx NPM version =20.0.0-beta.0, =0.0.2, =0.0.0, =0.5.0, =0.0.1, =20.0.0-beta.0, =20.0.0-beta.0, =20.0.0-beta.0, =20.0.0-beta.0, =20.0.0-beta.0, =20.0.0-beta.0, =20.0.0-beta.0, =20.0.0-beta.0, =20.0.0-canary.20240926-529ab94 and more Source cves: CVE-2025-10894 Source advisory: SNYK:JS-NX-12205542...

9.6CVSS5.7AI score0.00527EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/27 1:12 a.m.4 views

@abelfubu/schematics (=0.1.1), @anarchitects/nx-js (>=0.0.1 <=0.0.3) +118 more potentially affected by CVE-2025-10894 via nx (>=21.0.0-beta.0 <=21.7.0-canary.20250930-e144408)

nx NPM version =21.0.0-beta.0, =0.0.1, =11.0.0, =0.21.0, =0.0.1, =2.23.0, =0.3.53, =0.0.5, =0.0.4, =1.3.0, =0.0.1, =0.0.1-alpha.4 and more Source cves: CVE-2025-10894 Source advisory: SNYK:JS-NX-12205542...

9.6CVSS5.7AI score0.00527EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/27 1:12 a.m.8 views

@10xsai/cloudflare-router-nx-plugin (=1.0.0), @akanjs/cli (>=0.0.38 <=0.0.73) +452 more potentially affected by CVE-2025-10894 via @nx/devkit (>=20.0.0-beta.0 <=20.9.0-canary.20250415-bc685ce)

@nx/devkit NPM version =20.0.0-beta.0, =0.0.38, =0.0.38, =0.0.47, =0.0.1, =0.1.0, =8.1.1, =0.0.2, =0.0.1, =0.0.0, =1.0.0, =0.0.12-beta.1, =0.0.1, =0.0.3 and more Source cves: CVE-2025-10894 Source advisory: SNYK:JS-NXDEVKIT-12205635...

9.6CVSS5.7AI score0.00527EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/27 1:12 a.m.7 views

@naxodev/nx-cloudflare (>=4.0.0 <=4.0.2), @nestjs-mod/schematics (>=2.12.0 <=2.13.2) +9 more potentially affected by CVE-2025-10894 via @nx/node (>=20.0.0-beta.0 <=20.9.0-canary.20250415-bc685ce)

@nx/node NPM version =20.0.0-beta.0, =4.0.0, =2.12.0, =20.0.0-beta.0, =20.0.0-beta.0, =20.0.0-beta.0, =20.0.0, =20.0.0, =0.2.0, =20.0.0, =20.2.1-dev.3 - @terrxo/nx-cloudflare =4.0.1 - @ziacik/azure-func =4.0.0 Source cves: CVE-2025-10894 Source advisory: SNYK:JS-NXNODE-12205640...

9.6CVSS5.7AI score0.00527EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/27 1:12 a.m.7 views

@aws/nx-plugin (>=0.21.0 <=0.51.4), @caliobase/caliobase-nx (>=0.3.53 <=0.3.61) +47 more potentially affected by CVE-2025-10894 via @nx/js (>=21.0.0-beta.0 <=21.5.0-canary.20250904-2c678a1)

@nx/js NPM version =21.0.0-beta.0, =0.21.0, =0.3.53, =1.1.1, =2.1.1, =2.1.1, =2.1.1, =2.1.1, =0.0.1, =0.0.3, =0.0.1, =0.0.3, =0.0.3, =0.3.3 and more Source cves: CVE-2025-10894 Source advisory: SNYK:JS-NXJS-12205638...

9.6CVSS5.7AI score0.00527EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/27 1:12 a.m.6 views

@abelfubu/schematics (>=0.0.3 <=0.1.1), @alfresco/aca-generators (>=1.0.2 <=1.0.4) +115 more potentially affected by CVE-2025-10894 via @nx/devkit (>=21.0.0-beta.0 <=21.5.0-canary.20250904-2c678a1)

@nx/devkit NPM version =21.0.0-beta.0, =0.0.3, =1.0.2, =1.0.0, =1.0.2, =0.0.11, =0.21.0, =0.0.1, =0.3.53, =0.0.5, =0.0.4, =9.0.2, =9.1.0 - @eumentis/nx-plugin =1.3.0 and more Source cves: CVE-2025-10894 Source advisory: SNYK:JS-NXDEVKIT-12205635...

9.6CVSS5.7AI score0.00527EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:26 a.m.7 views

CVE-2016-10894

xtrlock through 2.10 does not block multitouch events. Consequently, an attacker at a locked screen can send input to and thus control various programs such as Chromium via events such as pan scrolling, "pinch and zoom" gestures, or even regular mouse clicks by depressing the touchpad once and th...

4.6CVSS6.7AI score0.00364EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/10 7:2 a.m.6 views

CVE-2024-10894 Payment Forms for Paystack <= 4.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Payment Forms for Paystack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes like 'datepicker', 'textarea', and 'text' in all versions up to, and including, 4.0.2 due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS5.8AI score0.0029EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/04/10 7:2 a.m.30 views

CVE-2024-10894 Payment Forms for Paystack <= 4.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Payment Forms for Paystack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes like 'datepicker', 'textarea', and 'text' in all versions up to, and including, 4.0.2 due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS0.0029EPSS
Exploits0References6
F5 Networks
F5 Networks
added 2025/03/11 7:12 p.m.10 views

K000150338: Wireshark/tshark vulnerabilities CVE-2019-10899, CVE-2019-10896, CVE-2019-10895, CVE-2019-10894, and CVE-2018-9263

Security Advisory Description CVE-2019-10899 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC dissector could crash. This was addressed in epan/dissectors/packet-srvloc.c by preventing a heap-based buffer under-read. CVE-2019-10896 In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7,...

7.5CVSS6.6AI score0.05803EPSS
Exploits5
Rows per page
Query Builder