CVE-2026-11092

An insufficient policy enforcement flaw was found in the DevTools component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=500170887...

Chromium: CVE-2026-11092 Insufficient policy enforcement in DevTools

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Linux Distros Unpatched Vulnerability : CVE-2026-11092

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to...

CVE-2026-11092

Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a crafted Chrome Extension. Chromium security severity: Medium...

CVE-2026-11092

Summary of CVE-2026-11092 : Google Chrome’s DevTools policy enforcement is insufficient before version 149.0.7827.53. An attacker could persuade a user to install a crafted (malicious) Chrome Extension to execute privilege escalation. Affected software: Chrome with DevTools; trigger requires user...

CVE-2025-11092

A weakness has been identified in D-Link DIR-823X 250416. Affected by this issue is the function sub412E7C of the file /goform/setswitchsettings. This manipulation of the argument port causes command injection. The attack may be initiated remotely. The exploit has been made available to the publi...

CVE-2024-11092

The SVGPlus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and abov...

CVE-2024-11092

creationtimestamp| type| source ---|---|--- 2024-11-16 03:55:12+00:00| seen| https://infosec.exchange/users/cve/statuses/113490612210234530 2024-11-16 06:02:35+00:00| seen| https://t.me/cvedetector/11218...

CVE-2024-11092 SVGPlus <= 1.1.0 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload

The SVGPlus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and abov...

WordPress SVGPlus Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software SVGPlus Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11092 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 5db1152d81e3 Credits Francesco Carlucci Required...

CVE-2019-11092

CVE-2019-11092 affects Intel Open Cloud Integrity Technology (Open CIT) and OpenAttestation. Root cause: insufficient password protection in the attestation database, enabling an authenticated, local attacker to potentially disclose information. Impact: information disclosure with local access (M...

Open Cloud Integrity Technology and OpenAttestation Advisory

Summary: Multiple potential security vulnerabilities in Open Cloud Integrity Technology Open CIT and OpenAttestation may allow information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2019-0179 Description:...

CVE-2018-11092

An issue was discovered in the Admin Notes plugin 1.1 for MyBB. CSRF allows an attacker to remotely delete all admin notes via an admin/index.php?empty=table aka Clear Table action...

CVE-2018-11092

The CVE describes a CSRF flaw in the MyBB Admin Notes plugin (version 1.1) where an attacker can remotely delete all admin notes via admin/index.php?empty=table (Clear Table). Affected component: Admin Notes plugin for MyBB. Impact: deletion of all admin notes. Root cause: CSRF vulnerability. Exp...

CVE-2017-11092

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the KGSL driver function kgslioctlgpucommand, a Use After Free condition can potentially occur...

CVE-2017-11092

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the KGSL driver function kgslioctlgpucommand, a Use After Free condition can potentially occur...

CVE-2017-11092

CVE-2017-11092 is an Android/AAF (KGSL) vulnerability in the Qualcomm graphics driver: the kgsl_ioctl_gpu_command path can trigger a Use After Free condition in the KGSL kernel driver on Android for MSM, Firefox OS for MSM, and QRD Android builds with CAF Linux kernels. The description notes a Us...