38 matches found
CVE-2026-10980 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-10980 vulnerabilities
Vulnerabilities for packages: chromium...
SUSE CVE-2026-10980
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
Chromium: CVE-2026-10980 Insufficient validation of untrusted input in DevTools
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-10980
creationtimestamp| type| source ---|---|--- 2026-06-05 13:23:41+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918 2026-06-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260608 2026-06-07 18:00:00+00:00| seen|...
Linux Distros Unpatched Vulnerability : CVE-2026-10980
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer proces...
CVE-2026-10980
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-10980
CVE-2026-10980 : In Google Chrome, the DevTools component had insufficient validation of untrusted input, allowing a remote attacker who had compromised the renderer process to bypass the same-origin policy via a crafted HTML page. This stems from a Chromium-level input-validation issue and could...
Linux Distros Unpatched Vulnerability : CVE-2020-10980
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab EE/CE 8.0.rc1 to 12.9 is vulnerable to a blind SSRF in the FogBugz integration. CVE-2020-10980 Note that Nessus relies on the presence of the package as...
CVE-2024-10980
The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows WordPress plugin before 5.10.3 does not validate and escape some of its Cookie Consent block options before outputting them back in a page/post where the block is embed, which could allow...
CVE-2019-10980
A type confusion vulnerability may be exploited when LAquis SCADA 4.3.1.71 processes a specially crafted project file. This may allow an attacker to execute remote code. The attacker must have local access to the system. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is...
CVE-2016-10980
The kento-post-view-counter plugin through 2.8 for WordPress has XSS via kentopvcgeo...
Linux Distros Unpatched Vulnerability : CVE-2017-10980
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows DHCP - Memory leak in decodetlv and a denial of service. CVE-2017-10980 Note that Nessus relies on the...
CVE-2024-10980
creationtimestamp| type| source ---|---|--- 2024-11-29 06:04:04+00:00| seen| https://infosec.exchange/users/cve/statuses/113564728942205354...
CVE-2024-10980 Element Pack Elementor Addons < 5.10.3 - Contributor+ Stored XSS
The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows WordPress plugin before 5.10.3 does not validate and escape some of its Cookie Consent block options before outputting them back in a page/post where the block is embed, which could allow...
CVE-2024-10980 Element Pack Elementor Addons < 5.10.3 - Contributor+ Stored XSS
The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows WordPress plugin before 5.10.3 does not validate and escape some of its Cookie Consent block options before outputting them back in a page/post where the block is embed, which could allow...
CVE-2020-17405
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Senstar Symphony 7.3.2.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSOAuth process. The issue results from the lack of proper...
Deserialization of untrusted data
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Senstar Symphony 7.3.2.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSOAuth process. The issue results from the lack of proper...
CVE-2020-17405
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Senstar Symphony 7.3.2.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSOAuth process. The issue results from the lack of proper...
CVE-2020-17405
CVE-2020-17405 affects Senstar Symphony 7.3.2.2. The issue is in the SSOAuth process, caused by a lack of validation of user-supplied data that leads to deserialization of untrusted data, enabling network-adjacent attackers to execute arbitrary code with SYSTEM privileges. Multiple sources (ZDI a...