CVE-2026-10980

The vulnerability CVE-2026-10980 affects Google Chrome DevTools and involves insufficient validation of untrusted input in DevTools. The issue allows a remote attacker who has compromised the renderer process to bypass the same-origin policy via a crafted HTML page, with the impact described as h...

Linux Distros Unpatched Vulnerability : CVE-2020-10980

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab EE/CE 8.0.rc1 to 12.9 is vulnerable to a blind SSRF in the FogBugz integration. CVE-2020-10980 Note that Nessus relies on the presence of the package as...

CVE-2024-10980

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows WordPress plugin before 5.10.3 does not validate and escape some of its Cookie Consent block options before outputting them back in a page/post where the block is embed, which could allow...

CVE-2019-10980

A type confusion vulnerability may be exploited when LAquis SCADA 4.3.1.71 processes a specially crafted project file. This may allow an attacker to execute remote code. The attacker must have local access to the system. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is...

CVE-2016-10980

The kento-post-view-counter plugin through 2.8 for WordPress has XSS via kentopvcgeo...

Linux Distros Unpatched Vulnerability : CVE-2017-10980

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows DHCP - Memory leak in decodetlv and a denial of service. CVE-2017-10980 Note that Nessus relies on the...

CVE-2024-10980

creationtimestamp| type| source ---|---|--- 2024-11-29 06:04:04+00:00| seen| https://infosec.exchange/users/cve/statuses/113564728942205354...

CVE-2024-10980 Element Pack Elementor Addons < 5.10.3 - Contributor+ Stored XSS

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows WordPress plugin before 5.10.3 does not validate and escape some of its Cookie Consent block options before outputting them back in a page/post where the block is embed, which could allow...

CVE-2024-10980 Element Pack Elementor Addons < 5.10.3 - Contributor+ Stored XSS

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows WordPress plugin before 5.10.3 does not validate and escape some of its Cookie Consent block options before outputting them back in a page/post where the block is embed, which could allow...

CVE-2020-17405

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Senstar Symphony 7.3.2.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSOAuth process. The issue results from the lack of proper...

Deserialization of untrusted data

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Senstar Symphony 7.3.2.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSOAuth process. The issue results from the lack of proper...

CVE-2020-17405

CVE-2020-17405 affects Senstar Symphony 7.3.2.2. The issue is in the SSOAuth process, caused by a lack of validation of user-supplied data that leads to deserialization of untrusted data, enabling network-adjacent attackers to execute arbitrary code with SYSTEM privileges. Multiple sources (ZDI a...

CVE-2020-17405

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Senstar Symphony 7.3.2.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SSOAuth process. The issue results from the lack of proper...

CVE-2020-10980

GitLab EE/CE 8.0.rc1 to 12.9 is vulnerable to a blind SSRF in the FogBugz integration...

CVE-2020-10980

GitLab EE/CE 8.0.rc1 to 12.9 is vulnerable to a blind SSRF in the FogBugz integration...

UBUNTU-CVE-2020-10980

GitLab EE/CE 8.0.rc1 to 12.9 is vulnerable to a blind SSRF in the FogBugz integration...

CVE-2020-10980

GitLab EE/CE versions 8.0.rc1–12.9 are affected by a blind SSRF vulnerability in the FogBugz integration. The issue arises from the FogBugz integration flow and can be exploited to perform server-side requests to arbitrary internal or external resources. Public references show a GitLab security r...

CVE-2016-10980

CVE-2016-10980 affects the WordPress plugin kento-post-view-counter up to version 2.8. The vulnerability is an XSS via the parameter kento_pvc_geo. Multiple connected sources corroborate the XSS vector, with additional notes from WPVulnDB indicating CSRF and multiple XSS vectors in the same plugi...

NewStart CGSL MAIN 4.05 : freeradius Multiple Vulnerabilities (NS-SA-2019-0107)

The remote NewStart CGSL host, running version MAIN 4.05, has freeradius packages installed that are affected by multiple vulnerabilities: - An out-of-bounds read flaw was found in the way FreeRADIUS server handled decoding of DHCP packets. A remote attacker could use this flaw to crash the...

CVE-2019-10980

LAquis SCADA 4.3.1.71 is affected by a type confusion in LQS file parsing that may allow remote code execution when processing a specially crafted project file. The vulnerability is scoped to LAquis SCADA and is associated with CVE-2019-10980 (CVSSv3 base score 7.8). Some sources indicate the att...