CVE-2026-10916

creationtimestamp| type| source ---|---|--- 2026-06-05 13:23:30+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918...

CVE-2026-10916

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

MiracleLinux 7 : lftp-4.4.8-12.el7 (AXSA:2020-4561:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4561:02 advisory. lftp: particular remote file names may lead to current working directory erased CVE-2018-10916 Tenable has extracted the preceding description block directly...

CVE-2020-10916

This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Firmware Ver: 855rev4-up-ver1-0-1-P120191213-rel60361 Wi-Fi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechani...

PT-2025-40026

Wordpress FormGent 1.0.4 - Unauthenticated Arbitrary File Deletion CVE: CVE-2025-10916 Original Researcher: Nxploited CVSS:7.5 high WPScan: https://t.co/AX48wu8IyC Cybersecurity BugBounty Hacking...

D-Link Multiple DNS NAS Devices Multiple Vulnerabilities (2024 - 2025)

Multiple D-Link DNS devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-10916

A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier All versions, SIMATIC PCS 7 V8.1 All versions V8.1 with WinCC V7.3 Upd 19, SIMATIC PCS 7 V8.2 All versions V8.2 SP1 with WinCC V7.4 SP1 Upd11, SIMATIC PCS 7 V9.0 All versions V9.0 SP2 with WinCC V7.4 SP1 Upd11, SIMATIC WinCC TI...

RHEL 6 : lftp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - lftp: particular remote file names may lead to current working directory erased CVE-2018-10916 Note that Nessus has...

Oracle Linux 7 : lftp (ELSA-2020-1045)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1045 advisory. 4.4.8-12 - Resolves: 1611641 - CVE-2018-10916 lftp: particular remote file names may lead to current working directory erased Tenable has extracted the precedin...

SUSE CVE-2017-10916

The vCPU context-switch implementation in Xen through 4.8.x improperly interacts with the Memory Protection Extensions MPX and Protection Key PKU features, which makes it easier for guest OS users to defeat ASLR and other protection mechanisms, aka XSA-220...

SUSE: Security Advisory (SUSE-SU-2019:0643-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:1812-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:0642-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL CORE 5.04 / MAIN 5.04 : lftp Vulnerability (NS-SA-2020-0068)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has lftp packages installed that are affected by a vulnerability: - It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local...

NewStart CGSL CORE 5.05 / MAIN 5.05 : lftp Vulnerability (NS-SA-2020-0103)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has lftp packages installed that are affected by a vulnerability: - It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local...

Amazon Linux 2 : lftp (ALAS-2020-1453)

The version of lftp installed on the remote host is prior to 4.4.8-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1453 advisory. It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of...

Medium: lftp

Issue Overview: It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled...

Huawei EulerOS: Security Advisory for lftp (EulerOS-SA-2020-1756)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux AMI : lftp (ALAS-2020-1383)

The version of lftp installed on the remote host is prior to 4.4.8-12.30. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1383 advisory. It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss ...

Medium: lftp

Issue Overview: It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled...