
33 matches found

NVD
added yesterday, 2 views

CVE-2026-10986

Integer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a malicious file. Chromium security severity: High...

8.8 CVSS
Exploits: 0, References: 2

CVE
added yesterday, 4 views

CVE-2026-10986

This CVE affects Google Chrome’s Media component, with an integer overflow in the Media path prior to version 149.0.7827.53. The underlying root cause is an integer overflow that could allow a remote attacker to execute arbitrary code inside Chromium’s sandbox when processing a malicious file. Th...

8.8 CVSS, 6.3 AI score
Exploits: 0, References: 2

Tenable Nessus
added 2026/01/13 12:0 a.m., 7 views

MiracleLinux 7 : kernel-3.10.0-1160.119.1.0.15.el7.AXS7 (AXSA:2025-10986:81)

"The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10986:81 advisory. ASoC: topology: Clean up route loading CVE-2024-41069 ASoC: topology: Fix references to freed memory CVE-2024-41069 drm/dpmst: Fix MST sideband...

7.8 CVSS, 6.8 AI score, 0.50619 EPSS
Exploits: 15, References: 41

RedhatCVE
added 2026/01/09 12:19 p.m., 5 views

CVE-2018-10986

OX Guard 2.8.0 has CSRF...

8.8 CVSS, 7 AI score, 0.00167 EPSS
Exploits: 0, References: 1

VulnCheck KEV
added 2025/10/20 12:0 a.m., 1 views

VulnCheck KEV: CVE-2017-10986

An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infinite read in dhcpattr2vp" and a denial of service...

7.5 CVSS, 5.8 AI score, 0.01003 EPSS
In wild, Exploits: 0, References: 2

Circl
added 2025/10/14 4:16 p.m., 0 views

CVE-2025-10986

creationtimestamp| type| source ---|---|--- 2025-10-14 16:16:11+00:00| seen| Telegram/tUEEaDTfNLKuKEiKsY7nc8igOf4oBPqtousIUOkGhnjrNQ...

5.5 CVSS, 4.8 AI score, 0.00729 EPSS
Exploits: 0

OSV
added 2025/03/20 10:15 a.m., 1 views

CVE-2024-10986

GPT Academic version 3.83 is vulnerable to a Local File Read LFI vulnerability through its HotReload function. This function can download and extract tar.gz files from arxiv.org. Despite implementing protections against path traversal, the application overlooks the Tarslip triggered by symlinks...

8.8 CVSS, 8.4 AI score
Exploits: 0, References: 1

NVD
added 2025/03/20 10:15 a.m., 3 views

CVE-2024-10986

GPT Academic version 3.83 is vulnerable to a Local File Read LFI vulnerability through its HotReload function. This function can download and extract tar.gz files from arxiv.org. Despite implementing protections against path traversal, the application overlooks the Tarslip triggered by symlinks...

8.8 CVSS, 0.00297 EPSS
Exploits: 1, References: 1

Tenable Nessus
added 2025/03/04 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2017-10986

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows DHCP - Infinite read in dhcpattr2vp and a denial of service. CVE-2017-10986 Note that Nessus relies on...

7.5 CVSS, 7.2 AI score, 0.01003 EPSS
Exploits: 0, References: 2

OpenVAS
added 2021/04/19 12:0 a.m., 15 views

SUSE: Security Advisory (SUSE-SU-2017:2202-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS, 9 AI score, 0.2146 EPSS
Exploits: 0, References: 4

CVE
added 2020/07/13 5:59 p.m., 50 views

CVE-2020-10986

CVE-2020-10986 refers to a CSRF vulnerability in the Tenda AC15 AC1900 router (version 15.03.05.19) where exploitation of the /goform/SysToolReboot endpoint allows remote attackers to cause a reboot and denial of service by hosting a payload on a malicious page. The root cause is cross-site reque...

7.1 CVSS, 6.4 AI score, 0.00167 EPSS
Exploits: 1, References: 2, Affected Software: 1

NVD
added 2019/09/17 3:15 p.m., 5 views

CVE-2016-10986

The tweet-wheel plugin before 1.0.3.3 for WordPress has XSS via consumerkey, consumersecret, accesstoken, and accesstokensecret...

6.1 CVSS, 6.2 AI score, 0.00238 EPSS
Exploits: 1, References: 3

CVE
added 2019/09/17 2:26 p.m., 33 views

CVE-2016-10986

CVE-2016-10986 concerns the Tweet Wheel WordPress plugin prior to version 1.0.3.3, which is vulnerable to reflected Cross-Site Scripting (XSS) via the OAuth parameters consumer_key, consumer_secret, access_token, and access_token_secret. The issue is documented across multiple feeds (NVD, Red Hat...

6.1 CVSS, 6 AI score, 0.00238 EPSS
Exploits: 1, References: 3, Affected Software: 1

CVE
added 2019/07/03 4:8 p.m., 68 views

CVE-2018-10986

CVE-2018-10986: OX Guard 2.8.0 is affected by a CSRF vulnerability. The CVSSv3 base score is 8.8 (HIGH) with network access, low attack complexity, and user interaction required; impacts include Confidentiality, Integrity, and Availability (all HIGH).

8.8 CVSS, 8.6 AI score, 0.00167 EPSS
Exploits: 0, References: 1, Affected Software: 1

Check Point Advisories
added 2018/04/26 12:0 a.m., 2 views

FreeRADIUS fr_dhcp_attr2vp Integer Underflow Out of Bounds Read (CVE-2017-10986)

FreeRADIUS RADIUS Server is an open source Other functions include setting the DNS servers, gateway, routes etc. The Bootstrap Protocol BOOTP was an older protocol standard built for the same functionality; DHCP servers extend the BOOTP protocol and provide additional features. BOOTP and DHCP use...

5 CVSS, 3.1 AI score, 0.01003 EPSS
Exploits: 0

Tenable Nessus
added 2017/09/08 12:0 a.m., 32 views

EulerOS 2.0 SP1 : freeradius (EulerOS-SA-2017-1167)

According to the versions of the freeradius package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow leading to a heap-buffer overflow was found in the libnl library. An attacker could use this flaw to cause an application...

9.8 CVSS, 7.9 AI score, 0.2146 EPSS
Exploits: 0, References: 7

OpenVAS
added 2017/08/29 12:0 a.m., 23 views

openSUSE: Security Advisory for freeradius-server (openSUSE-SU-2017:2270-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8 CVSS, 9 AI score, 0.2146 EPSS
Exploits: 0, References: 1

OPENSUSE Linux
added 2017/08/28 3:7 p.m., 71 views

Security update for freeradius-server (important)

This update for freeradius-server fixes the following issues: - update to 3.0.15 bsc1049086 Bind the lifetime of program name and python path to the module CVE-2017-10978: FR-GV-201: Check input / output length in makesecret bsc1049086 CVE-2017-10983: FR-GV-206: Fix read overflow when decoding DH...

7.8 CVSS, 0.5 AI score, 0.2146 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2017/08/22 12:0 a.m., 22 views

Scientific Linux Security Update : freeradius on SL7.x x86_64 (20170802)

Security Fixes : - An out-of-bounds write flaw was found in the way FreeRADIUS server handled certain attributes in request packets. A remote attacker could use this flaw to crash the FreeRADIUS server or to execute arbitrary code in the context of the FreeRADIUS server process by sending a...

9.8 CVSS, 8.4 AI score, 0.2146 EPSS
Exploits: 0, References: 7

OSV
added 2017/08/17 6:39 a.m., 6 views

SUSE-SU-2017:2202-1 Security update for freeradius-server

This update for freeradius-server fixes the following issues: - update to 3.0.15 bsc1049086 Bind the lifetime of program name and python path to the module CVE-2017-10978: FR-GV-201: Check input / output length in makesecret bsc1049086 CVE-2017-10983: FR-GV-206: Fix read overflow when decoding DH...

9.8 CVSS, 7.7 AI score, 0.2146 EPSS
Exploits: 0, References: 9