CVE-2026-11064

Race in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-11064

A security flaw has been discovered in Campcodes Online Learning Management System 1.0. Impacted is an unknown function of the file /admin/teachers.php. The manipulation of the argument department results in sql injection. It is possible to launch the attack remotely. The exploit has been release...

GeoVision GV-VR360 and GV-VD8700 Improper Authentication (CVE-2019-11064)

A vulnerability of remote credential disclosure was discovered in Advan VD-1 firmware versions up to 230. An attacker can export system configuration which is not encrypted to get the administrator's account and password in plain text via cgibin/ExportSettings.cgi?Export=1 without any...

CVE-2024-11064

creationtimestamp| type| source ---|---|--- 2024-11-11 07:43:33+00:00| seen| https://infosec.exchange/users/cve/statuses/113463198548061741 2024-11-11 10:15:08+00:00| seen| https://t.me/cvedetector/10486 2024-11-13 12:21:24+00:00| seen| https://t.me/truesecator/6423...

CVE-2024-11064 D-Link DSL6740C - OS Command Injection

The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet...

CVE-2024-11064 D-Link DSL6740C - OS Command Injection

The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet...

TYPO3 9.x < 9.5.17 / 10.x < 10.4.2 Multiple Vulnerabilities

The version of TYPO3 installed on the remote host is 9.x prior to 9.5.17 or 10.x prior to 10.4.2. It is, therefore, affected by multiple vulnerabilities: - A cross-site scripting XSS vulnerability exists in Typo3's form engine component due to improper validation of user-supplied input before...

CVE-2016-11064

creationtimestamp| type| source ---|---|--- 2020-06-20 01:55:13+00:00| seen| https://t.me/cibsecurity/12955...

CVE-2016-11064

An issue was discovered in Mattermost Desktop App before 3.4.0. Strings could be executed as code via injection...

CVE-2016-11064

Mattermost Desktop App fixed for CVE-2016-11064. Before 3.4.0, it is vulnerable to code execution via injection where strings could be executed as code. Affected component: Mattermost Desktop App. Root cause: injection allowing code execution through untrusted input during code segment constructi...

CVE-2020-11064

In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and greater than or equal to 10.0.0 and less than 10.4.2, it has been discovered that HTML placeholder attributes containing data of other database records are vulnerable to cross-site scripting. A valid backend user account is need...

CVE-2020-11064 Cross-Site Scripting in TYPO3 CMS

In TYPO3 CMS greater than or equal to 9.0.0 and less than 9.5.17 and greater than or equal to 10.0.0 and less than 10.4.2, it has been discovered that HTML placeholder attributes containing data of other database records are vulnerable to cross-site scripting. A valid backend user account is need...

CVE-2020-11064

TYPO3 CMS vulnerability CVE-2020-11064: Cross-site scripting in the Form Engine via HTML placeholder attributes containing data from other database records. A valid backend user is required to exploit. Affected ranges: 9.0.0–9.5.16 and 10.0.0–10.4.1. The issue is fixed in TYPO3 9.5.17 and 10.4.2....

CVE-2019-11064

The CVE-2019-11064 issue affects Advan VD-1 firmware (up to v230). It enables remote credential disclosure: an attacker can export the unencrypted system configuration via cgibin/ExportSettings.cgi?Export=1 without authentication, exposing administrator account and password in plain text. This is...

CVE-2018-11064

The CVE-2018-11064 entry applies to Dell EMC Unity OE (4.3.0.x, 4.3.1.x) and UnityVSA OE (4.3.0.x, 4.3.1.x). A local, authenticated attacker can exploit an Incorrect File Permissions flaw to alter multiple library files in the service tools, potentially enabling arbitrary code execution with elev...

CVE-2018-11064

creationtimestamp| type| source ---|---|--- 2018-10-01 16:59:19+00:00| seen| MISP/5bb251b0-8710-4aab-bf7e-31960a021402...

CVE-2017-11064

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACANL80211VENDORSUBCMDEXTSCANPNOSETPASSPOINTLIST and QCANL80211VENDORSUBCMDEXTSCANPNOSETLIST cfg80211 vendor commands in...

CVE-2017-11064

CVE-2017-11064 is a WLAN vulnerability affecting Android for MSM (and variants) where a buffer overread occurs while processing ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_PASSPOINT_LIST and QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_LIST in __wlan_hdd_cfg80211_set_passpoint_list and hdd_extscan_pas...