CVE-2026-11094

An use after free flaw was found in the Codecs component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=500174874...

CVE-2026-11094

creationtimestamp| type| source ---|---|--- 2026-06-05 13:24:06+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918 2026-06-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260608 2026-06-07 18:00:00+00:00| seen|...

Linux Distros Unpatched Vulnerability : CVE-2026-11094

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Codecs in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially...

DEBIAN-CVE-2026-11094

Use after free in Codecs in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

MiracleLinux 8 : tigervnc-1.15.0-8.el8_10.ML.1 (AXSA:2025-11094:09)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11094:09 advisory. xorg: xmayland: Use-after-free in XPresentNotify structure creation CVE-2025-62229 xorg: xwayland: Use-after-free in Xkb client resource removal...

CVE-2025-11094

A security vulnerability has been detected in code-projects E-Commerce Website 1.0. This affects an unknown part of the file /pages/adminproductdetails.php. Such manipulation of the argument prodid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicl...

CVE-2024-11094 404 Solution <= 2.35.17 - Missing Authentication to Sensitive Information Exposure

The 404 Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.35.17 via the export feature. This makes it possible for unauthenticated attackers to extract sensitive data such as redirects including GET parameters which may reveal...

WordPress 404 Solution Plugin <= 2.35.17 is vulnerable to Sensitive Data Exposure

Software 404 Solution Type Plugin Vulnerable versions = 2.35.17 Fixed in 2.35.18 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-11094 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 1a6e5a5e1d1a Credits Max Boll b0lli Required...

CVE-2020-11094

The October CMS debugbar plugin before version 3.1.0 contains a feature where it will log all requests and all information pertaining to each request including session data whenever it is enabled. This presents a problem if the plugin is ever enabled on a system that is open to untrusted users as...

CVE-2020-11094

CVE-2020-11094 affects the October CMS debugbar plugin prior to v3.1.0. The issue is an information disclosure vulnerability where the plugin logs all requests, including session data, which could allow untrusted users to view sensitive information. Affected component is the debugbar feature that...

CVE-2020-11094 Potential unauthorized access to stored request & session data when plugin is misconfigured in October CMS Debugbar

The October CMS debugbar plugin before version 3.1.0 contains a feature where it will log all requests and all information pertaining to each request including session data whenever it is enabled. This presents a problem if the plugin is ever enabled on a system that is open to untrusted users as...

Intel Fixes Critical, High-Severity Flaws Across Several Products

Intel has issued an updated advisory for more than 30 fixes addressing vulnerabilities across various products – including a critical flaw in Intel’s converged security and management engine CSME that could enable privilege-escalation. The bug CVE-2019-0153 exists in a subsystem of Intel CSME,...

CVE-2019-11094

creationtimestamp| type| source ---|---|--- 2019-05-17 16:51:45+00:00| seen| https://t.me/cvemitreorg/56...

CVE-2019-11094

CVE-2019-11094 relates to the Intel NUC Kit system firmware. The issue is an insufficient input validation vulnerability in the NUC firmware that could allow an authenticated local user to escalate privileges, cause a denial of service, or disclose information. Affected are Intel NUC Kit system f...

Intel® NUC Advisory

Summary: A potential security vulnerability in system firmware for Intel® NUC may allow escalation of privilege, denial of service, and/or information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2019-11094 Description...

Intelbras NCLOUD 300 1.0 - Authentication bypass

Intelbras NCLOUD 300 1.0 - Authentication bypass coding: utf-8 Exploit Title: Intelbras NCloud Authentication bypass Date: 16/05/2018 Exploit Author: Pedro Aguiar - [email protected] Vendor Homepage: http://www.intelbras.com.br/ Software Link:...

Intelbras NCLOUD 300 1.0 - Authentication bypass Exploit

Exploit for hardware platform in category web applications coding: utf-8 Exploit Title: Intelbras NCloud Authentication bypass Date: 16/05/2018 Exploit Author: Pedro Aguiar - email protected Vendor Homepage: http://www.intelbras.com.br/ Software Link:...

Intelbras NCLOUD 300 1.0 - Authentication bypass

coding: utf-8 Exploit Title: Intelbras NCloud Authentication bypass Date: 16/05/2018 Exploit Author: Pedro Aguiar - [email protected] Vendor Homepage: http://www.intelbras.com.br/ Software Link: http://www.intelbras.com.br/empresarial/wi-fi/para-sua-casa/roteadores/ncloud Version: 1.0 Test...

Intelbras NCLOUD 300 1.0 Authentication Bypass

coding: utf-8 Exploit Title: Intelbras NCloud Authentication bypass Date: 16/05/2018 Exploit Author: Pedro Aguiar - [email protected] Vendor Homepage: http://www.intelbras.com.br/ Software Link: http://www.intelbras.com.br/empresarial/wi-fi/para-sua-casa/roteadores/ncloud Version: 1.0 Test...

CVE-2018-11094

An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the username, password, and...