20 matches found
CVE-2026-11063
creationtimestamp| type| source
---|---|---
2026-06-05 13:24:00+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918
2026-06-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260608
2026-06-07 18:00:00+00:00| seen|...
Linux Distros Unpatched Vulnerability : CVE-2026-11063
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in WebNN in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the rendere...
CVE-2026-11063
Insufficient validation of untrusted input in WebNN in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11063
Insufficient validation of untrusted input in WebNN in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2024-11063 D-Link DSL6740C - OS Command Injection
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet...
CVE-2024-11063 D-Link DSL6740C - OS Command Injection
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet...
CVE-2024-11063
The CVE-2024-11063 entry concerns the D-Link DSL6740C modem, where an OS command injection flaw exists in a functionality exposed via SSH/Telnet. The vulnerability allows remote attackers with administrator privileges to inject and execute arbitrary system commands. According to the provided metr...
CVE-2020-17402
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4 47270. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...
Design/Logic Flaw
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4 47270. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...
CVE-2016-11063
creationtimestamp| type| source
---|---|---
2020-06-20 01:55:15+00:00| seen| https://t.me/cibsecurity/12956...
CVE-2016-11063
Mattermost Server prior to 3.5.1 is affected by a Cross‑Site Scripting (XSS) vulnerability via the file preview feature. This is confirmed across multiple sources (SUSE SUSECVEs, Red Hat, OpenSUSE advisories and OSV/NVD entries). The root cause is described as an XSS condition in the file preview...
CVE-2020-11063
TYPO3 CMS 10.4.0–10.4.1 contains a time‑based information disclosure vulnerability in the backend password reset flow that lets an attacker enumerate backend users by email. The issue has been fixed in 10.4.2, as documented by CVE-2020-11063 sources (NVD/OSV/TYPO3 advisories). The CVSS base metr...
CVE-2020-11063 Observable Response Discrepancy in TYPO3 CMS
In TYPO3 CMS versions 10.4.0 and 10.4.1, it has been discovered that time-based attacks can be used with the password reset functionality for backend users. This allows an attacker to mount user enumeration based on email addresses assigned to backend user accounts. This has been fixed in 10.4.2...
CVE-2019-11063
A broken access control vulnerability in SmartHome app Android versions up to 3.0.42190515, iOS versions up to 2.0.22 allows an attacker in the same local area network to list user accounts and control IoT devices that connect with its gateway HG100 via http://target/smarthome/devicecontrol witho...
CVE-2019-11063
The CVE-2019-11063 issue is a broken access control in the SmartHome app/Web API server affecting ASUS SmartHome (Android up to 3.0.42_190515; iOS up to 2.0.22) with gateway HG100. The vulnerability permits an attacker on the same LAN to enumerate user accounts and control connected IoT devices v...
CVE-2019-11063 SmartHome application has a broken access control vulnerability in its Web API Server
A broken access control vulnerability in SmartHome app Android versions up to 3.0.42190515, iOS versions up to 2.0.22 allows an attacker in the same local area network to list user accounts and control IoT devices that connect with its gateway HG100 via http://target/smarthome/devicecontrol witho...
CVE-2018-11063
Dell WMS versions 1.1 and prior are impacted by multiple unquoted service path vulnerabilities. Affected software installs multiple services incorrectly by specifying the paths to the service executables without quotes. This could potentially allow a low-privileged local user to execute arbitrary...
CVE-2018-11063
Dell Wyse Management Suite (WMS) versions 1.1 and earlier are affected by unquoted service path vulnerabilities in multiple services. This could allow a low-privileged local user to execute arbitrary executables with elevated privileges. Remediation guidance is available in Dell's advisory SLN313...
CVE-2017-11063
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, as a result of a race condition between two userspace processes that interact with the driver concurrently, a null pointer dereference can potentially occur...
CVE-2017-11063
CVE-2017-11063 describes a race condition between two userspace processes that interact with a driver in Android for MSM, Firefox OS for MSM, and QRD Android builds using CAF/Linux kernel. The race condition can lead to a null pointer dereference, i.e., a potential crash; exploitation details, af...