14 matches found
CVE-2026-11092
Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-11092
Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2025-11092
A weakness has been identified in D-Link DIR-823X 250416. Affected by this issue is the function sub412E7C of the file /goform/setswitchsettings. This manipulation of the argument port causes command injection. The attack may be initiated remotely. The exploit has been made available to the publi...
CVE-2024-11092
The SVGPlus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and abov...
CVE-2024-11092
creationtimestamp| type| source ---|---|--- 2024-11-16 03:55:12+00:00| seen| https://infosec.exchange/users/cve/statuses/113490612210234530 2024-11-16 06:02:35+00:00| seen| https://t.me/cvedetector/11218...
CVE-2024-11092 SVGPlus <= 1.1.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
The SVGPlus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and abov...
WordPress SVGPlus Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)
Software SVGPlus Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11092 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 5db1152d81e3 Credits Francesco Carlucci Required...
CVE-2019-11092
CVE-2019-11092 affects Intel Open Cloud Integrity Technology (Open CIT) and OpenAttestation. Root cause: insufficient password protection in the attestation database, enabling an authenticated, local attacker to potentially disclose information. Impact: information disclosure with local access (M...
Open Cloud Integrity Technology and OpenAttestation Advisory
Summary: Multiple potential security vulnerabilities in Open Cloud Integrity Technology Open CIT and OpenAttestation may allow information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2019-0179 Description:...
CVE-2018-11092
An issue was discovered in the Admin Notes plugin 1.1 for MyBB. CSRF allows an attacker to remotely delete all admin notes via an admin/index.php?empty=table aka Clear Table action...
CVE-2018-11092
The CVE describes a CSRF flaw in the MyBB Admin Notes plugin (version 1.1) where an attacker can remotely delete all admin notes via admin/index.php?empty=table (Clear Table). Affected component: Admin Notes plugin for MyBB. Impact: deletion of all admin notes. Root cause: CSRF vulnerability. Exp...
CVE-2017-11092
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the KGSL driver function kgslioctlgpucommand, a Use After Free condition can potentially occur...
CVE-2017-11092
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the KGSL driver function kgslioctlgpucommand, a Use After Free condition can potentially occur...
CVE-2017-11092
CVE-2017-11092 is an Android/AAF (KGSL) vulnerability in the Qualcomm graphics driver: the kgsl_ioctl_gpu_command path can trigger a Use After Free condition in the KGSL kernel driver on Android for MSM, Firefox OS for MSM, and QRD Android builds with CAF Linux kernels. The description notes a Us...