Lucene search
K

25 matches found

RedhatCVE
RedhatCVE
added 2026/06/07 4:53 a.m.10 views

CVE-2026-11060

An use after free flaw was found in the Media component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=499018355...

9.6CVSS5.4AI score0.0028EPSS
Exploits0References5
Circl
Circl
added 2026/06/05 1:24 p.m.9 views

CVE-2026-11060

creationtimestamp| type| source ---|---|--- 2026-06-05 13:24:00+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918 2026-06-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260608 2026-06-07 18:00:00+00:00| seen|...

8.8CVSS5.3AI score0.0028EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-11060

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Media in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HT...

8.8CVSS6.1AI score0.0028EPSS
Exploits0References2
NVD
NVD
added 2026/06/04 11:17 p.m.8 views

CVE-2026-11060

Use after free in Media in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS0.0028EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:4 p.m.7 views

CVE-2026-11060

Use after free in Media in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6AI score0.0028EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/09/02 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2020-11060

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an...

9CVSS7.8AI score0.10949EPSS
Exploits7References2
Circl
Circl
added 2024/11/11 12:18 a.m.7 views

CVE-2024-11060

creationtimestamp| type| source ---|---|--- 2024-11-11 00:18:34+00:00| seen| https://infosec.exchange/users/cve/statuses/113461448806354716 2024-11-11 02:43:02+00:00| seen| https://t.me/cvedetector/10447...

6.5CVSS6.2AI score0.00311EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/11 12:0 a.m.26 views

CVE-2024-11060 Jinher Network Collaborative Management Platform 金和数字化智能办公平台 AcceptShow.aspx sql injection

A vulnerability classified as critical has been found in Jinher Network Collaborative Management Platform 金和数字化智能办公平台 1.0. Affected is an unknown function of the file /C6/JHSoft.Web.AcceptAip/AcceptShow.aspx/. The manipulation of the argument id leads to sql injection. It is possible to launch th...

6.5CVSS0.00311EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2023/10/10 12:0 a.m.562 views

GLPI GZIP(Py3) 9.4.5 Remote Code Execution

!/usr/bin/env python3 Exploit Title: GLPI GZIPPy3 9.4.5 - RCE Date: 08-30-2021 Exploit Authors: Brian Peters & n3rada Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi/releases Version: 0.8.5-9.4.5 Tested on: Exploit ran on Kali 2021. GLPI Ran on Windo...

9CVSS7.1AI score0.10949EPSS
Exploits7
0day.today
0day.today
added 2023/10/09 12:0 a.m.379 views

GLPI GZIP(Py3) 9.4.5 - Remote Code Execution Exploit

!/usr/bin/env python3 Exploit Title: GLPI GZIPPy3 9.4.5 - RCE Date: 08-30-2021 Exploit Authors: Brian Peters & n3rada Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi/releases Version: 0.8.5-9.4.5 Tested on: Exploit ran on Kali 2021. GLPI Ran on Windo...

8.8CVSS8.8AI score0.10949EPSS
Exploits7
Exploit DB
Exploit DB
added 2023/10/09 12:0 a.m.450 views

GLPI GZIP(Py3) 9.4.5 - RCE

!/usr/bin/env python3 Exploit Title: GLPI GZIPPy3 9.4.5 - RCE Date: 08-30-2021 Exploit Authors: Brian Peters & n3rada Vendor Homepage: https://glpi-project.org/ Software Link: https://github.com/glpi-project/glpi/releases Version: 0.8.5-9.4.5 Tested on: Exploit ran on Kali 2021. GLPI Ran on Windo...

9CVSS9AI score0.10949EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2020/12/14 12:0 a.m.32 views

FreeBSD : glpi -- Remote Code Execution (RCE) via the backup functionality (832fd11b-3b11-11eb-af2a-080027dbe4b7)

MITRE Corporation reports : In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an attacker without a valid account by using a CSRF. Due to the difficulty of the exploitation, the attack is only...

9CVSS7.9AI score0.10949EPSS
Exploits7References4
UbuntuCve
UbuntuCve
added 2020/05/12 8:15 p.m.33 views

CVE-2020-11060

In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an attacker without a valid account by using a CSRF. Due to the difficulty of the exploitation, the attack is only conceivable by an account...

9CVSS7.3AI score0.10949EPSS
Exploits7References3
CVE
CVE
added 2020/05/12 7:30 p.m.160 views

CVE-2020-11060

GLPI prior to 9.4.6 contains a vulnerability in the backup functionality that allows executing system commands. Exploitation is theoretically possible without a valid account via CSRF, but effectively requires an account with Maintenance privileges and the right to add WIFI networks. The issue is...

9CVSS7.9AI score0.10949EPSS
Exploits7References3Affected Software1
Cvelist
Cvelist
added 2020/05/12 7:30 p.m.58 views

CVE-2020-11060 Remote Code Execution in GLPI

In GLPI before 9.4.6, an attacker can execute system commands by abusing the backup functionality. Theoretically, this vulnerability can be exploited by an attacker without a valid account by using a CSRF. Due to the difficulty of the exploitation, the attack is only conceivable by an account...

7.4CVSS8.6AI score0.10949EPSS
Exploits7References3
Circl
Circl
added 2020/05/12 2:45 p.m.29 views

CVE-2020-11060

creationtimestamp| type| source ---|---|--- 2020-05-12 14:45:16+00:00| published-proof-of-concept| https://t.me/canyoupwnme/6428 2020-05-12 14:52:48+00:00| published-proof-of-concept| https://t.me/techpwnews/635 2021-06-15 01:19:34+00:00| seen| https://t.me/pwnwikizhchannel/649 2024-10-23...

9CVSS8.1AI score0.10949EPSS
Exploits7References4
Circl
Circl
added 2020/04/28 8:35 p.m.11 views

CVE-2016-11060

creationtimestamp| type| source ---|---|--- 2020-04-28 20:35:10+00:00| seen| https://t.me/cibsecurity/11700...

7.5CVSS7.4AI score0.01044EPSS
Exploits0References1
OSV
OSV
added 2020/04/28 5:15 p.m.4 views

CVE-2016-11060

Certain NETGEAR devices are affected by insecure renegotiation. This affects SRX5308 before 2017-02-10, FVS336Gv3 before 2017-02-10, FVS318N before 2017-02-10, and FVS318Gv2 before 2017-02-10...

7.5CVSS5.8AI score0.01044EPSS
Exploits0References1
CVE
CVE
added 2020/04/28 4:14 p.m.52 views

CVE-2016-11060

The provided data confirms CVE-2016-11060 involves NETGEAR devices affected by insecure TLS renegotiation. Affected products listed are SRX5308, FVS336Gv3, FVS318N, and FVS318Gv2 with vulnerable dates before 2017-02-10. The CNVD entry explicitly describes a Denial of Service impact resulting from...

7.5CVSS7.5AI score0.01044EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/08/29 1:15 a.m.17 views

CVE-2019-11060

The web api server on Port 8080 of ASUS HG100 firmware up to 1.05.12, which is vulnerable to Slowloris HTTP Denial of Service: an attacker can cause a Denial of Service DoS by sending headers very slowly to keep HTTP or HTTPS connections and associated resources alive for a long period of time...

7.8CVSS7.2AI score0.02958EPSS
Exploits0References3
Rows per page
Query Builder