
20 matches found

Circl
added 2026/06/05 1:24 p.m., 8 views

CVE-2026-11063

creationtimestamp | type | source
---|---|---
2026-06-05 13:24:00+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/116697713800926918
2026-06-07 18:00:00+00:00 | seen | https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260608
2026-06-07 18:00:00+00:00 | seen | ...

CVSS 9.6 | AI score 5.3 | EPSS 0.00234
Exploits: 0 | References: 3

Tenable Nessus
added 2026/06/05 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2026-11063

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in WebNN in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the rendere...

CVSS 9.6 | AI score 5.5 | EPSS 0.00234
Exploits: 0 | References: 2

Vulnrichment
added 2026/06/04 11:4 p.m., 7 views

CVE-2026-11063

Insufficient validation of untrusted input in WebNN in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

AI score 5.5 | EPSS 0.00234
Exploits: 0 | References: 2

Cvelist
added 2026/06/04 11:4 p.m., 30 views

CVE-2026-11063

Insufficient validation of untrusted input in WebNN in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

EPSS 0.00234
Exploits: 0 | References: 2

Cvelist
added 2024/11/11 7:30 a.m., 26 views

CVE-2024-11063 D-Link DSL6740C - OS Command Injection

The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet...

CVSS 7.2 | EPSS 0.01325
Exploits: 0 | References: 2

Vulnrichment
added 2024/11/11 7:30 a.m., 12 views

CVE-2024-11063 D-Link DSL6740C - OS Command Injection

The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet...

CVSS 7.2 | AI score 8.2 | EPSS 0.01325
Exploits: 0 | References: 2

CVE
added 2024/11/11 7:30 a.m., 54 views

CVE-2024-11063

The CVE-2024-11063 entry concerns the D-Link DSL6740C modem, where an OS command injection flaw exists in a functionality exposed via SSH/Telnet. The vulnerability allows remote attackers with administrator privileges to inject and execute arbitrary system commands. According to the provided metr...

CVSS 7.2 | AI score 7.5 | EPSS 0.01325
Exploits: 0 | References: 2 | Affected Software: 1

NVD
added 2020/08/25 9:15 p.m., 18 views

CVE-2020-17402

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4 47270. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

CVSS 6.5 | AI score 6.3 | EPSS 0.00475
Exploits: 0 | References: 2

Prion
added 2020/08/25 9:15 p.m., 14 views

Design/Logic Flaw

This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4 47270. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

CVSS 2.1 | AI score 6.3 | EPSS 0.00475
Exploits: 0 | References: 2 | Affected Software: 1

Circl
added 2020/06/20 1:55 a.m., 7 views

CVE-2016-11063

creationtimestamp | type | source
---|---|---
2020-06-20 01:55:15+00:00 | seen | https://t.me/cibsecurity/12956...

CVSS 6.1 | AI score 6 | EPSS 0.00685
Exploits: 0 | References: 1

CVE
added 2020/06/19 7:22 p.m., 47 views

CVE-2016-11063

Mattermost Server prior to 3.5.1 is affected by a Cross‑Site Scripting (XSS) vulnerability via the file preview feature. This is confirmed across multiple sources (SUSE SUSECVEs, Red Hat, OpenSUSE advisories and OSV/NVD entries). The root cause is described as an XSS condition in the file preview...

CVSS 6.1 | AI score 5.9 | EPSS 0.00685
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2020/05/13 10:15 p.m., 99 views

CVE-2020-11063

TYPO3 CMS 10.4.0–10.4.1 contains a time‑based information disclosure vulnerability in the backend password reset flow that lets an attacker enumerate backend users by email. The issue has been fixed in 10.4.2, as documented by CVE-2020-11063 sources (NVD/OSV/TYPO3 advisories). The CVSS base metr...

CVSS 4.3 | AI score 4.2 | EPSS 0.01188
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2020/05/13 10:15 p.m., 35 views

CVE-2020-11063 Observable Response Discrepancy in TYPO3 CMS

In TYPO3 CMS versions 10.4.0 and 10.4.1, it has been discovered that time-based attacks can be used with the password reset functionality for backend users. This allows an attacker to mount user enumeration based on email addresses assigned to backend user accounts. This has been fixed in 10.4.2...

CVSS 3.7 | AI score 4.4 | EPSS 0.01188
Exploits: 0 | References: 2

OSV
added 2019/08/29 1:15 a.m., 2 views

CVE-2019-11063

A broken access control vulnerability in SmartHome app Android versions up to 3.0.42_190515, iOS versions up to 2.0.22 allows an attacker in the same local area network to list user accounts and control IoT devices that connect with its gateway HG100 via http://target/smarthome/devicecontrol witho...

CVSS 8.8 | AI score 7.3
Exploits: 0 | References: 3

CVE
added 2019/08/29 12:19 a.m., 173 views

CVE-2019-11063

The CVE-2019-11063 issue is a broken access control in the SmartHome app/Web API server affecting ASUS SmartHome (Android up to 3.0.42_190515; iOS up to 2.0.22) with gateway HG100. The vulnerability permits an attacker on the same LAN to enumerate user accounts and control connected IoT devices v...

CVSS 10 | AI score 8.7 | EPSS 0.04451
Exploits: 1 | References: 3 | Affected Software: 1

Cvelist
added 2019/08/29 12:19 a.m., 21 views

CVE-2019-11063 SmartHome application has a broken access control vulnerability in its Web API Server

A broken access control vulnerability in SmartHome app Android versions up to 3.0.42_190515, iOS versions up to 2.0.22 allows an attacker in the same local area network to list user accounts and control IoT devices that connect with its gateway HG100 via http://target/smarthome/devicecontrol witho...

CVSS 10 | AI score 9.2 | EPSS 0.04451
Exploits: 1 | References: 3

OSV
added 2018/08/10 8:29 p.m., 2 views

CVE-2018-11063

Dell WMS versions 1.1 and prior are impacted by multiple unquoted service path vulnerabilities. Affected software installs multiple services incorrectly by specifying the paths to the service executables without quotes. This could potentially allow a low-privileged local user to execute arbitrary...

CVSS 7.8 | AI score 6 | EPSS 0.00301
Exploits: 0 | References: 1

CVE
added 2018/08/10 8:0 p.m., 49 views

CVE-2018-11063

Dell Wyse Management Suite (WMS) versions 1.1 and earlier are affected by unquoted service path vulnerabilities in multiple services. This could allow a low-privileged local user to execute arbitrary executables with elevated privileges. Remediation guidance is available in Dell's advisory SLN313...

CVSS 7.8 | AI score 8.4 | EPSS 0.00301
Exploits: 0 | References: 1 | Affected Software: 1

NVD
added 2017/10/10 8:29 p.m., 17 views

CVE-2017-11063

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, as a result of a race condition between two userspace processes that interact with the driver concurrently, a null pointer dereference can potentially occur...

CVSS 5.9 | AI score 5.5 | EPSS 0.00473
Exploits: 0 | References: 2

CVE
added 2017/10/10 8:0 p.m., 51 views

CVE-2017-11063

CVE-2017-11063 describes a race condition between two userspace processes that interact with a driver in Android for MSM, Firefox OS for MSM, and QRD Android builds using CAF/Linux kernel. The race condition can lead to a null pointer dereference, i.e., a potential crash; exploitation details, af...

CVSS 5.9 | AI score 5.8 | EPSS 0.00473
Exploits: 0 | References: 2 | Affected Software: 1