Lucene search
K

18 matches found

Chainguard
Chainguard
added yesterday3 views

CVE-2026-11012 vulnerabilities

Vulnerabilities for packages: chromium...

8.3CVSS7.2AI score0.00286EPSS
Exploits0
Circl
Circl
added 2026/06/05 1:23 p.m.10 views

CVE-2026-11012

creationtimestamp| type| source ---|---|--- 2026-06-05 13:23:46+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918 2026-06-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260608 2026-06-09 18:00:00+00:00| seen|...

8.3CVSS5.3AI score0.00286EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-11012

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Serial in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/04 11:4 p.m.6 views

CVE-2026-11012

Use after free in Serial in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00286EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/26 11:32 a.m.8 views

CVE-2025-11012 BehaviorTree Diagnostic Message script_parser.cpp ParseScript stack-based overflow

A vulnerability was determined in BehaviorTree up to 4.7.0. This affects the function ParseScript of the file /src/scriptparser.cpp of the component Diagnostic Message Handler. Executing manipulation of the argument errormsgsbuffer can lead to stack-based buffer overflow. The attack can only be...

5.3CVSS6.7AI score0.00225EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/05/22 7:9 a.m.7 views

CVE-2018-11012

ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to AdminController.java...

6.1CVSS5.6AI score0.0063EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 2:13 p.m.10 views

CVE-2020-11012

MinIO versions before RELEASE.2020-04-23T00-58-49Z have an authentication bypass issue in the MinIO admin API. Given an admin access key, it is possible to perform admin API operations i.e. creating new service accounts for existing access keys - without knowing the admin secret key. This has bee...

9.3CVSS7AI score0.02103EPSS
Exploits0References1
NVD
NVD
added 2024/12/13 10:15 a.m.14 views

CVE-2024-11012

The The Notibar – Notification Bar for WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via njtnofitext AJAX action in all versions up to, and including, 2.1.4. This is due to the software allowing users to execute an action that does not properly validate a value...

6.3CVSS0.00465EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/12/13 9:27 a.m.24 views

CVE-2024-11012 Notibar – Notification Bar for WordPress <= 2.1.4 - Authenticated (Subscriber+) Arbitrary Shortcode Execution via njt_nofi_text

The The Notibar – Notification Bar for WordPress plugin for WordPress is vulnerable to arbitrary shortcode execution via njtnofitext AJAX action in all versions up to, and including, 2.1.4. This is due to the software allowing users to execute an action that does not properly validate a value...

6.3CVSS0.00465EPSS
Exploits0References4
Circl
Circl
added 2023/12/12 1:42 a.m.5 views

CVE-2020-11012

creationtimestamp| type| source ---|---|--- 2023-12-12 01:42:29+00:00| seen| https://t.me/arpsyndicate/1789...

9.3CVSS7.7AI score0.02103EPSS
Exploits0References1
CVE
CVE
added 2020/04/23 9:55 p.m.98 views

CVE-2020-11012

CVE-2020-11012 affects MinIO prior to RELEASE.2020-04-23T00-58-49Z. The admin API authentication bypass allows an admin access key to perform admin API operations (e.g., creating new service accounts for existing keys) without the admin secret key. The issue is documented across multiple sources ...

9.3CVSS7.8AI score0.02103EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2020/04/23 9:55 p.m.16 views

CVE-2020-11012 Authentication bypass MinIO Admin API

MinIO versions before RELEASE.2020-04-23T00-58-49Z have an authentication bypass issue in the MinIO admin API. Given an admin access key, it is possible to perform admin API operations i.e. creating new service accounts for existing access keys - without knowing the admin secret key. This has bee...

9.3CVSS9.5AI score0.02103EPSS
Exploits0References4
OSV
OSV
added 2019/09/20 3:15 p.m.5 views

CVE-2016-11012

The sola-support-tickets plugin before 3.13 for WordPress has incorrect access control for /wp-admin with resultant XSS...

5.4CVSS5.8AI score0.00783EPSS
Exploits2References2
CVE
CVE
added 2019/09/20 2:48 p.m.55 views

CVE-2016-11012

The CVE-2016-11012 entry affects the WordPress plugin sola-support-tickets prior to version 3.13 . The vulnerability is an incorrect access control for /wp-admin that enables an XSS condition. Public-facing details confirm an admin-page access issue can lead to script injections; no further explo...

5.4CVSS5.6AI score0.00783EPSS
Exploits2References2Affected Software1
NVD
NVD
added 2018/05/12 4:29 a.m.21 views

CVE-2018-11012

ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to AdminController.java...

6.1CVSS6AI score0.0063EPSS
Exploits1References1
CVE
CVE
added 2018/05/12 4:0 a.m.49 views

CVE-2018-11012

ruibaby Halo 0.0.2 has a stored cross-site scripting vulnerability in which unsanitized input from loginName/loginPwd during a failed login to AdminController.java can be persisted and later executed in victims’ browsers. Public records list CVSS2 base 4.3 (MEDIUM) and CVSS3 base 6.1 (MEDIUM); no...

6.1CVSS5.8AI score0.0063EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2017/11/16 10:29 p.m.17 views

CVE-2017-11012

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when processing a specially crafted QCANL80211VENDORSUBCMDENCRYPTIONTEST cfg80211 vendor command a stack-based buffer overflow can occur...

7.8CVSS7.6AI score0.00105EPSS
Exploits0References1
CVE
CVE
added 2017/11/16 10:0 p.m.49 views

CVE-2017-11012

The CVE-2017-11012 issue is described across multiple sources as a stack-based buffer overflow in Qualcomm WLAN components used by Android on MSM platforms, triggered by processing a specially crafted QCA_NL80211_VENDOR_SUBCMD_ENCRYPTION_TEST cfg80211 vendor command. Connected CNVD entry attribut...

7.8CVSS7.3AI score0.00105EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder