61 matches found
CVE-2026-11100
creationtimestamp| type| source ---|---|--- 2026-06-05 13:24:07+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918 2026-06-07 14:00:41+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnpdcv4hpa2u 2026-06-07 18:00:00+00:00| seen|...
CVE-2026-11100
Use after free in File Input in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2026-11100
Use after free in File Input in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11100
Summary (CVE-2026-11100): Use-after-free in the File Input component of Google Chrome on macOS, occurring before Chrome version 149.0.7827.53. The underlying issue is a use-after-free in File Input that can be triggered by a user-via UI gestures and a crafted HTML page, potentially enabling a san...
RHCOS 3 : OpenShift Container Platform 3.11 (RHSA-2020:1287)
The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1287 advisory. - haproxy: HTTP request smuggling issue with transfer-encoding header containing an obfuscated chunked value CVE-2019-18277 - haprox...
MiracleLinux 8 : haproxy-1.8.15-6.el8.1 (AXSA:2020-172:01)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-172:01 advisory. haproxy: malformed HTTP/2 requests can lead to out-of-bounds writes CVE-2020-11100 Tenable has extracted the preceding description block directly from the...
CVE-2025-11100
creationtimestamp| type| source ---|---|--- 2025-09-28 10:33:45+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lzvcatlcku2j...
CVE-2025-11100
A vulnerability was identified in D-Link DIR-823X 250416. This affects the function uciset of the file /goform/setwifiblacklists. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used...
Linux Distros Unpatched Vulnerability : CVE-2017-11100
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When SWFTools 0.9.2 processes a crafted file in swfextract, it can lead to a NULL Pointer Dereference in the swfFoldSprite function in lib/rxfswf.c...
TencentOS Server 3: haproxy (TSSA-2022:0043)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0043 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
CVE-2019-11100
Insufficient input validation in the subsystem for IntelR AMT before versions 11.8.70, 11.11.70, 11.22.70 and 12.0.45 may allow an unauthenticated user to potentially enable information disclosure via physical access...
CVE-2017-11100
When SWFTools 0.9.2 processes a crafted file in swfextract, it can lead to a NULL Pointer Dereference in the swfFoldSprite function in lib/rxfswf.c...
CVE-2024-11100
creationtimestamp| type| source ---|---|--- 2024-11-12 06:19:47+00:00| seen| https://t.me/cvedetector/10583...
CVE-2024-11100
A vulnerability was found in 1000 Projects Beauty Parlour Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument name leads to sql injection. The attack can be launched remotely...
CVE-2024-11100 1000 Projects Beauty Parlour Management System index.php sql injection
A vulnerability was found in 1000 Projects Beauty Parlour Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument name leads to sql injection. The attack can be launched remotely...
CVE-2024-11100 1000 Projects Beauty Parlour Management System index.php sql injection
A vulnerability was found in 1000 Projects Beauty Parlour Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument name leads to sql injection. The attack can be launched remotely...
CVE-2020-11100
creationtimestamp| type| source ---|---|--- 2024-10-31 01:40:27+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/1336...
Photon OS 2.0: Haproxy PHSA-2020-2.0-0227
An update of the haproxy package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0227. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2019-11100
creationtimestamp| type| source ---|---|--- 2024-03-15 13:51:34+00:00| seen| https://t.me/ctinow/208751...
Amazon Linux 2 : haproxy2 (ALASHAPROXY2-2023-006)
The version of haproxy2 installed on the remote host is prior to 2.1.4-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2HAPROXY2-2023-006 advisory. In hpackdhtinsert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write...