CVE-2026-10915

creationtimestamp| type| source ---|---|--- 2026-06-05 13:23:30+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918...

CVE-2026-10915

Use after free in Core in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

D-Link NAS - Command Injection via Group Parameter

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been rated as critical. Affected by this issue is the function cgiuseradd of the file /cgi-bin/accountmgr.cgi?cmd=cgiuseradd. The manipulation of the argument group leads to os command injection. i...

MiracleLinux 4 : rh-postgresql96-postgresql-9.6.10-1.AXS4 (AXSA:2018-3314:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3314:01 advisory. postgresql: Certain host connection parameters defeat client-side security defenses CVE-2018-10915 postgresql: Missing authorization and memory...

MiracleLinux 7 : rh-postgresql10-postgresql-10.5-1.el7 (AXSA:2018-3312:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3312:01 advisory. postgresql: Certain host connection parameters defeat client-side security defenses CVE-2018-10915 postgresql: Missing authorization and memory...

MiracleLinux 7 : postgresql-9.2.24-1.el7 (AXSA:2018-3306:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3306:02 advisory. postgresql: Certain host connection parameters defeat client-side security defenses CVE-2018-10915 Tenable has extracted the preceding description block...

CVE-2025-10915

creationtimestamp| type| source ---|---|--- 2026-01-13 08:14:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcc4eg4ukp2c 2026-01-13 18:14:16+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcd5utemfb2g...

CVE-2025-10915

The Dreamer Blog WordPress theme through 1.2 is vulnerable to arbitrary installations due to a missing capability check...

MiracleLinux 9 : firefox-140.3.0-1.el9_6.ML.1 (AXSA:2025-10915:32)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10915:32 advisory. firefox: thunderbird: Sandbox escape due to use-after-free in the Graphics: Canvas2D component CVE-2025-10527 firefox: thunderbird: Incorrect...

Exploit for Improper Neutralization in Dlink Dns-320_Firmware

CVE-2024-10915 - D-Link NAS Command Injection Exploit This Py...

D-Link Multiple DNS NAS Devices Multiple Vulnerabilities (2024 - 2025)

Multiple D-Link DNS devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2017-10915

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xe...

postgresql security update

9.2.24-9.0.3 - Fixes CVE-2024-10979 where environment variable mutations Orabug: 37370704 - are incorrectly allowed from trusted PL/Perl code...

CVE-2024-10915

creationtimestamp| type| source ---|---|--- 2024-11-06 14:03:50+00:00| seen| https://infosec.exchange/users/cve/statuses/113436377202591036 2024-11-06 15:49:57+00:00| seen| https://t.me/cvedetector/10005 2024-11-07 03:26:04+00:00| seen|...

CVE-2024-10915 D-Link DNS-320/DNS-320LW/DNS-325/DNS-340L account_mgr.cgi cgi_user_add os command injection

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been rated as critical. Affected by this issue is the function cgiuseradd of the file /cgi-bin/accountmgr.cgi?cmd=cgiuseradd. The manipulation of the argument group leads to os command injection. T...

RHEL 7 : rh-postgresql10-postgresql (RHSA-2018:2565)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2565 advisory. PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstream...

RHEL 6 / 7 : rh-postgresql95-postgresql (RHSA-2018:2511)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2511 advisory. PostgreSQL is an advanced object-relational database management system DBMS. The following packages have been upgraded to a later upstre...

SUSE CVE-2017-10915

The shadow-paging feature in Xen through 4.8.x mismanages page references and consequently introduces a race condition, which allows guest OS users to obtain Xen privileges, aka XSA-219...

Mageia: Security Advisory (MGASA-2018-0446)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:2564-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...