CVE-2026-10952

An use after free flaw was found in the Chrome for iOS component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=505231370...

CVE-2026-10952

creationtimestamp| type| source ---|---|--- 2026-06-05 13:23:37+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918 2026-06-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260608...

Linux Distros Unpatched Vulnerability : CVE-2026-10952

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted...

CVE-2026-10952

Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2016-10952

The quotes-collection plugin before 2.0.6 for WordPress has XSS via the wp-admin/admin.php?page=quotes-collection page parameter...

cde (=0.2.0.1), env-wrappers (>=0.1.1 <=0.1.22) +1 more potentially affected by CVE-2025-10952 via ml-logger (=0.10.36)

ml-logger PYPI version =0.10.36 is affected by a known vulnerability. The following packages have a transitive dependency on ml-logger and may be impacted: - cde =0.2.0.1 - env-wrappers =0.1.1, =0.1.22 - graph-search =0.1.0 Source cves: CVE-2025-10952 Source advisory: OSV:GHSA-9X36-C74V-FGR6...

CVE-2017-10952

creationtimestamp| type| source ---|---|--- 2025-08-31 03:01:11+00:00| seen| MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d...

CVE-2024-10952

The The Authors List plugin for WordPress is vulnerable to arbitrary shortcode execution via updateauthorslistajax AJAX action in all versions up to, and including, 2.0.4. This is due to the software allowing users to execute an action that does not properly validate a value before running...

CVE-2024-10952

creationtimestamp| type| source ---|---|--- 2024-12-04 02:52:56+00:00| seen| https://infosec.exchange/users/cve/statuses/113592288895692725 2024-12-04 05:02:44+00:00| seen| https://t.me/cvedetector/11943...

CVE-2024-10952 Authors List <= 2.0.4 - Unauthenticated Arbitrary Shortcode Execution via update_authors_list_ajax

The The Authors List plugin for WordPress is vulnerable to arbitrary shortcode execution via updateauthorslistajax AJAX action in all versions up to, and including, 2.0.4. This is due to the software allowing users to execute an action that does not properly validate a value before running...

CVE-2020-10952

CVE-2020-10952 affects GitLab Community and Enterprise Editions (GitLab CE/EE) 8.11–12.9.1. An access control error allows blocked users to pull and push docker images, enabling unintended image access/manipulation. According to the linked advisories, GitLab released security updates fixing this ...

CVE-2016-10952

creationtimestamp| type| source ---|---|--- 2019-09-13 16:28:18+00:00| seen| https://t.me/cibsecurity/6738...

CVE-2016-10952

The CVE relates to the WordPress Quotes Collection plugin (versions before 2.0.6). Multiple sources in connected documents confirm a Cross-Site Scripting (XSS) vulnerability exposed via the wp-admin/admin.php?page=quotes-collection parameter. This indicates a reflected XSS condition where user-su...

CVE-2019-10952

An attacker could send a crafted HTTP/HTTPS request to render the web server unavailable and/or lead to remote code execution caused by a stack-based buffer overflow vulnerability. A cold restart is required for recovering CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370...

CVE-2019-10952 Rockwell Automation CompactLogix 5370 Uncontrolled Resource Consumption

An attacker could send a crafted HTTP/HTTPS request to render the web server unavailable and/or lead to remote code execution caused by a stack-based buffer overflow vulnerability. A cold restart is required for recovering CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370...

CVE-2019-10952

CVE-2019-10952 affects Rockwell Automation CompactLogix 5370 family (L1/L2/L3), Compact GuardLogix 5370, and Armor Compact GuardLogix 5370, versions 20–30 and earlier. The vulnerability is described as an uncontrolled resource consumption/stack-based buffer overflow in the web server that could b...

CVE-2018-10952

The CVE-2018-10952 entry affects the 2345 Security Guard 3.7 driver, specifically the X64 driver file 2345BdPcSafe.sys. The root cause is failure to validate input values from IOCTL 0x00222088, allowing local users to trigger a denial of service (BSOD) and potentially other unspecified impacts. C...

Foxit PhantomPDF < 8.3.2 Multiple Vulnerabilities

According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 8.3.2. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in the app.launchURL method allowing a context-dependent attacker to potentially...

Foxit Reader < 8.3.2 Multiple Vulnerabilities

The version of Foxit Reader installed on the remote Windows host is prior to 8.3.2. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in the app.launchURL method allowing a context-dependent attacker to potentially execute arbitrary code. CVE-2017-10951 - A flaw in the saveA...

CVE-2017-10952

CVE-2017-10952 affects Foxit Reader (and related Foxit products) with a vulnerability in the saveAs JavaScript function. The flaw allows writing arbitrary files to attacker-controlled locations and can lead to code execution under the current process, with exploitation requiring user interaction ...