CVE-2026-10988

creationtimestamp| type| source ---|---|--- 2026-06-05 13:23:43+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918...

CVE-2026-10988

Use after free in Views in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2016-10988

The leenkme plugin before 2.6.0 for WordPress has stored XSS via facebookmessage, facebooklinkname, facebookcaption, facebookdescription, defaultimage, or wphttpreferer...

CVE-2025-10988

A vulnerability was identified in YunaiV ruoyi-vue-pro up to 2025.09. This affects an unknown part of the file /crm/business/transfer. Such manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit is publicly available and might be used. The vendor w...

CVE-2019-10988

In Philips HDI 4000 Ultrasound Systems, all versions running on old, unsupported operating systems such as Windows 2000, the HDI 4000 Ultrasound System is built on an old operating system that is no longer supported. Thus, any unmitigated vulnerability in the old operating system could be exploit...

Linux Distros Unpatched Vulnerability : CVE-2017-10988

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was n...

CVE-2020-10988

creationtimestamp| type| source ---|---|--- 2024-11-14 06:07:01+00:00| seen| MISP/9d5c6706-60d3-49f0-a311-c46271978c8c...

CVE-2024-10988 code-projects E-Health Care System doctor_login.php sql injection

A vulnerability was found in code-projects E-Health Care System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Doctor/doctorlogin.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The...

CVE-2024-10988 code-projects E-Health Care System doctor_login.php sql injection

A vulnerability was found in code-projects E-Health Care System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Doctor/doctorlogin.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The...

Huawei EulerOS: Security Advisory for freeradius (EulerOS-SA-2021-1784)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2243-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2202-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-10988

The CVE-2020-10988 issue concerns the Tenda AC15 AC1900 router (firmware version 15.03.05.19). A hard-coded telnet credential in the tenda_login binary allows unauthenticated remote attackers to start a telnetd service on the device, enabling remote access at the network layer. This is the underl...

CVE-2016-10988

The leenkme plugin before 2.6.0 for WordPress has stored XSS via facebookmessage, facebooklinkname, facebookcaption, facebookdescription, defaultimage, or wphttpreferer...

CVE-2016-10988

The CVE-2016-10988 entry pertains to the leenkme WordPress plugin. Affected: leenkme plugin for WordPress. Vulnerable condition: stored cross-site scripting (XSS) via multiple fields (facebook_message, facebook_linkname, facebook_caption, facebook_description, default_image, _wp_http_referer). Ro...

CVE-2016-10988

The leenkme plugin before 2.6.0 for WordPress has stored XSS via facebookmessage, facebooklinkname, facebookcaption, facebookdescription, defaultimage, or wphttpreferer...

CVE-2018-10988

An issue was discovered on Diqee Diqee360 devices. A firmware update process, integrated into the firmware, starts at boot and tries to find the update folder on the microSD card. It executes code, without a digital signature, as root from the /mnt/sdcard/$PRONAME/upgrade.sh or...

CVE-2018-10988

CVE-2018-10988 affects Diqee Diqee360 devices. The firmware update process at boot reads an unsigned script from the microSD (upgrade.sh) and executes it as root, in /mnt/sdcard/$PRO_NAME/upgrade.sh or /sdcard/upgrage_360/upgrade.sh, without signature verification. This local vulnerability requir...

openSUSE: Security Advisory for freeradius-server (openSUSE-SU-2017:2270-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for freeradius-server (important)

This update for freeradius-server fixes the following issues: - update to 3.0.15 bsc1049086 Bind the lifetime of program name and python path to the module CVE-2017-10978: FR-GV-201: Check input / output length in makesecret bsc1049086 CVE-2017-10983: FR-GV-206: Fix read overflow when decoding DH...