90 matches found
SUSE CVE-2026-11042
Use after free in Views in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11042
creationtimestamp | type | source
---|---|---
2026-06-05 13:23:57+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/116697713800926918
2026-06-07 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260608
2026-06-07 18:00:00+00:00| seen|...
Linux Distros Unpatched Vulnerability : CVE-2026-11042
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Views in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially...
CVE-2025-11042 vulnerabilities
Vulnerabilities for packages: gitlab-rails-ce, gitlab-workhorse-ce, gitlab-rails-ce-fips, gitlab-workhorse-ce-fips...
MiracleLinux 8 : php:7.2 (AXSA:2020-845:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-845:01 advisory. php: Invalid memory access in function xmlrpc_decode CVE-2019-9020 php: File rename across filesystems may allow unwanted access during processing...
CVE-2025-11042
Removed by vendor...
CVE-2025-11042 Allocation of Resources Without Limits or Throttling in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1, that allows an attacker to cause uncontrolled CPU consumption, potentially leading to a Denial of Service (DoS) condition while using specific GraphQL queries...
CVE-2025-11042
Summary (CVE-2025-11042): GitLab CE/EE suffers a DoS-style flaw where specific GraphQL queries can cause uncontrolled CPU consumption across affected versions: 17.2–before 18.2.7, 18.3–before 18.3.3, and 18.4–before 18.4.1. The issue is linked to resource management during GraphQL handling and ...
GitLab 17.2 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-11042)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Allocation of Resources Without Limits or Throttling in GitLab CVE-2025-11042 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...
Oracle Linux 8 : socat (ELSA-2025-11042)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-11042 advisory. - add fix for CVE-2024-54661 Resolves: RHEL-70095 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...
CVE-2016-11042
An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. There is a SIM Lock bypass. The Samsung ID is SVE-2016-5381 (June 2016)...
CVE-2024-11042
creationtimestamp | type | source
---|---|---
2025-03-20 11:40:22+00:00 | seen | https://bsky.app/profile/cyberalerts.bsky.social/post/3lksmh7do2f2u
2025-04-15 21:02:25+00:00 | seen | https://bsky.app/profile/beikokucyber.bsky.social/post/3lmuxxzm5tp2e...
CVE-2024-11042 Arbitrary File Delete in invoke-ai/invokeai
In invoke-ai/invokeai version v5.0.2, the web API POST /api/v1/images/delete is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to delete arbitrary files on the server, potentially including critical or sensitive system files such as SSH keys, SQLite...
CVE-2024-11042
CVE-2024-11042 affects invoke-ai/invokeai v5.0.2. The web API endpoint POST /api/v1/images/delete is vulnerable to Arbitrary File Deletion, enabling an attacker to delete arbitrary server files (e.g., SSH keys, SQLite databases, configuration files), potentially compromising integrity and availa...
Linux Distros Unpatched Vulnerability : CVE-2019-11042
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and...
Rocky Linux 8 : php:7.2 (RLSA-2020:1624)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:1624 advisory. - In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an...
[SECURITY] [DLA 3606-1] freerdp2 security update
Debian LTS Advisory DLA-3606-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost October 07, 2023 https://wiki.debian.org/LTS Package : freerdp2 Version : 2.3.0+dfsg1-2+deb10u3 CVE ID : CVE-2020-4030 CVE-2020-4031 CVE-2020-4032 CVE-2020-4033 CVE-2020-11017 CVE-2020-110...
CVE-2019-11042
creationtimestamp | type | source
---|---|---
2023-04-21 09:55:20+00:00 | published-proof-of-concept | https://t.me/criticalbug/580
2026-01-27 11:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02...
Mageia: Security Advisory (MGASA-2019-0218)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 15 Security Update : php7 (openSUSE-SU-2021:1130-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1130-1 advisory. - Tenable.sc leverages third-party software to help provide underlying functionality. Multiple third-party components were found to contain...