35 matches found
SUSE CVE-2026-11037
Out of bounds write in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...
CVE-2026-11037
creationtimestamp | type | source
---|---|---
2026-06-05 13:23:56+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/116697713800926918
2026-06-07 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260608
2026-06-07 18:00:00+00:00 | seen | ...
Linux Distros Unpatched Vulnerability : CVE-2026-11037
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds write in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file...
CVE-2026-11037
CVE-2026-11037 describes an out-of-bounds write in Chrome’s Codecs component, affecting Google Chrome before version 149.0.7827.53. The issue could allow a remote attacker to potentially achieve a sandbox escape via a crafted video file. Chromium/Chrome lists the vulnerability with a Chromium sec...
CVE-2025-11037
creationtimestamp | type | source
---|---|---
2025-09-26 21:10:30+00:00 | seen | https://gist.github.com/Darkcrai86/47c69544ba63cfa96c644b0019a53f71...
CVE-2024-11037
A path traversal vulnerability exists in binary-husky/gptacademic at commit 679352d, which allows an attacker to bypass the blockedpaths protection and read the config.py file containing sensitive information such as the OpenAI API key. This vulnerability is exploitable on Windows operating syste...
RockyLinux 8 : exiv2 (RLSA-2020:1577)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:1577 advisory: exiv2: infinite loop and hang in Jp2Image::readMetadata in jp2image.cpp could lead to DoS (CVE-2019-20421); exiv2: null pointer dereference in the...
Ubuntu 16.04 ESM : PHP ImageMagick vulnerability (USN-4586-2)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-4586-2 advisory. USN-4586-1 fixed vulnerabilities in PHP ImageMagick. This update provides the corresponding update for Ubuntu 16.04 ESM.
SUSE CVE-2018-11037
In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file...
aimmo (>=0.57.1 <=1.3.1b671), cfl-common (>=4.3.0 <=5.26.7) +100 more potentially affected by CVE-2020-11037 via wagtail (>=1.0.0 <=2.6.3)
wagtail PYPI version =1.0.0, =0.57.1, =4.3.0, =2.28.0, =0.5.0, =0.3.1, =0.1.29, =0.2.0, =2.0.3, =0.1.1, =0.2.9, =5.22.3, =0.0.1, =10.1.21 and more Source cves: CVE-2020-11037 Source advisory: OSV:GHSA-JJJR-3JCW-F8V6...
wagtail-metadata-mixin (=0.0.7), wagtailperson (>=0.9.8 <=0.10.0) potentially affected by CVE-2020-11037 via wagtail (>=2.8.0 <=2.8.1)
wagtail PYPI version =2.8.0, =0.9.8, =0.10.0 Source cves: CVE-2020-11037 Source advisory: OSV:GHSA-JJJR-3JCW-F8V6...
wagtail-metadata-mixin (=0.0.7), wagtailperson (>=0.9.8 <=0.10.0) potentially affected by CVE-2020-11037 via wagtail (>=2.8.0 <=2.8.1)
wagtail PYPI version =2.8.0, =0.9.8, =0.10.0 Source cves: CVE-2020-11037 Source advisory: OSV:PYSEC-2020-153...
CVE-2020-11037 Potential Observable Timing Discrepancy in Wagtail
In Wagtail before versions 2.7.3 and 2.8.2, a potential timing attack exists on pages or documents that have been protected with a shared password through Wagtail's "Privacy" controls. This password check is performed through a character-by-character string comparison, and so an attacker who is...
CVE-2020-11037
In Wagtail, a potential timing attack exists on pages or documents protected with a shared password via the Privacy controls. The password check uses a character-by-character comparison, enabling a timing analysis to potentially reveal the password when measured locally. Affected versions are bef...
Moderate: exiv2 security, bug fix, and enhancement update
The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, IPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 0.27.2 (BZ1651917). Security Fixes: exiv2: infinite loop and hang in...
ALSA-2020:1577 Moderate: exiv2 security, bug fix, and enhancement update
The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, IPTC, and JPEG comments. The following packages have been upgraded to a later upstream version: exiv2 0.27.2 (BZ1651917). Security Fixes: exiv2: infinite loop and hang in...
Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2020-1502)
The remote host is missing an update for the Huawei EulerOS...
CVE-2016-11037
CVE-2016-11037 is a reservation duplicate of CVE-2016-6604. Connected records show a NULL pointer dereference in the Samsung Exynos fimg2d driver for Android L (5.0/5.1) and M (6.0), allowing unspecified impact via unknown vectors. Affected component: Samsung Exynos fimg2d graphics driver on affe...
openSUSE: Security Advisory for php7-imagick (openSUSE-SU-2020:0014-1)
The remote host is missing an update for the...
Debian DSA-4576-1 : php-imagick - security update
An out-of-bounds write vulnerability was discovered in php-imagick, a PHP extension to create and modify images using the ImageMagick API, which could result in denial of service, or potentially the execution of arbitrary code.