140 matches found
CVE-2026-11022

creationtimestamp | type | source
---|---|---
2026-06-05 13:23:49+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/116697713800926918...

Linux Distros Unpatched Vulnerability : CVE-2026-11022
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer proces...
syncthing-2.1.0-1.1 on GA media (moderate)
syncthing-2.1.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10764-1 Rating: moderate Cross-References: CVE-2020-11022 CVSS scores: CVE-2020-11022 SUSE : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be...
RHCOS 3 : OpenShift Container Platform 3.11 (RHSA-2020:2217)
The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2217 advisory. - jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method CVE-2020-11022 Note that Nessus has not tested for this issue bu...
MiracleLinux 9 : java-1.8.0-openjdk-1.8.0.472.b08-1.el9.ML.1 (AXSA:2025-11022:19)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11022:19 advisory. JDK: Enhance Path Factories CVE-2025-53066 JDK: Enhance Certificate Handling CVE-2025-53057 Tenable has extracted the preceding description block...
CVE-2025-11022

creationtimestamp | type | source
---|---|---
2025-12-09 13:57:27+00:00 | seen | https://bsky.app/profile/potato.software/post/3m7kp7fe4y722
2025-12-09 15:27:54+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m7kub565vj2k...

CVE-2025-11022
Cross-Site Request Forgery (CSRF) vulnerability in Personal Project Panilux allows Cross Site Request Forgery. This CSRF vulnerability resulting in Command Injection has been identified. This issue affects Panilux: before v.0.10.0. NOTE: The vendor was contacted and responded that they deny...
CVE-2025-11022
CVE-2025-11022 describes a CSRF vulnerability in Panilux prior to version 0.10.0 that can lead to Command Injection. The Red Hat, NVD, CVE List, ENISA EUVD, and other feeds list Panilux as affected with vendor denial of ownership noted in multiple entries. Connected sources confirm affected versi...
Security Bulletin: Multiple Vulnerabilities in IBM API Connect
Summary Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.3 Vulnerability Details CVEID:CVE-2013-4660 DESCRIPTION: The JS-YAML module before 2.0.5 for Node.js parses input without properly considering the unsafe !!js/function tag, which allows remote attackers to execute...
Ubuntu: Security Advisory (USN-7658-1)
The remote host is missing an update for the...
Ubuntu: Security Advisory (USN-7622-1)
The remote host is missing an update for the...
Hitachi Energy MSM
SUMMARY Hitachi Energy is aware of the vulnerability CVE-2020-11022 that affects MSM versions as listed below. If an attacker successfully exploits this vulnerability, it could impact the confidentiality, integrity or availability of MSM. Please consult the Recommended Immediate Actions Section...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.7.
Summary In addition to updates of open source dependencies, the following security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 8.0.7. Vulnerability Details CVEID:CVE-2024-7254 DESCRIPTION: Any project that parses untrusted Protocol Buffers data containing an...
Security Bulletin: Multiple security vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.
Summary jQuery is used by IBM Robotic Process Automation for Cloud Pak as part of Abbyy CVE-2015-9251, CVE-2019-11358, CVE-2020-11022, CVE-2020-11023, CVE-2020-23064. Kubernetes kube-apiserver is used by IBM Robotic Process Automation for Cloud Pak as part of the operator CVE-2020-8552. Go Go-Yam...
Advisory ROSA-SA-2025-2760
Software: doxygen 1.8.5 OS: rosa-server79 packageevrstring: doxygen-1.8.5-4.0.1.res7 CVE-ID: CVE-2020-11022 BDU-ID: 2020-05190 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the jQuery library is associated with a failure to take measures to protect the structure of a web page. Exploitation of th...
Linux Distros Unpatched Vulnerability : CVE-2020-11022
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM...
doxygen security update
1:1.8.5-4.0.1 - Fix CVE-2020-11022 and CVE-2022-11023 in vendored jQuery Orabug: 37577394...
Oracle Linux 9 : doxygen (ELSA-2025-1329)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-1329 advisory. 1:1.9.1-12 - Resolves: RHEL-78146, CVE-2020-11023, CVE-2020-11022 Tenable has extracted the preceding description block directly from the Oracle Linux security...
Security Bulletin: Vulnerabilities in the jquery-1.10.0.js package affect Data Replication on Cloud Pak for Data
Summary Multiple vulnerabilities in the jquery-1.10.0.js package used in Data Replication on Cloud Pak for Data were addressed. Vulnerability Details CVEID:CVE-2020-11023 DESCRIPTION: In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing option elements from...
Oracle Siebel Server (October 2020 CPU)
The versions of Oracle Siebel CRM installed on the remote host are affected by a vulnerability as referenced in the October 2020 CPU advisory. - Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM component: UIF Open UI jQuery. The supported version that is affected is 20.8...