Chromium: CVE-2026-11106 Inappropriate implementation in Media

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Linux Distros Unpatched Vulnerability : CVE-2026-11106

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2026-11106

Summary: CVE-2026-11106 describes an inappropriate implementation in Media in Google Chrome (Chromium-based) prior to 149.0.7827.53 that allowed a remote attacker to leak cross-origin data via a crafted HTML page. The vulnerability affects the Chrome/Chromium media pipeline and is rated Medium se...

CVE-2025-11106

creationtimestamp| type| source ---|---|--- 2025-09-28 14:51:13+00:00| seen| https://bsky.app/profile/potato.software/post/3lzvqnaslt72w...

CVE-2025-11106 code-projects Simple Scheduling System addfaculty.php sql injection

A vulnerability has been found in code-projects Simple Scheduling System 1.0. This vulnerability affects unknown code of the file /schedulingsystem/addfaculty.php. Such manipulation of the argument falname leads to sql injection. The attack can be executed remotely. The exploit has been disclosed...

CVE-2025-11106

The CVE-2025-11106 entry concerns Simple Scheduling System v1.0. Affected component: /schedulingsystem/addfaculty.php, where manipulation of the falname parameter enables SQL injection. Exploitation is described as remote, with public disclosure of the exploit noted in multiple sources. The conne...

CVE-2024-11106 Simple Restrict <= 1.2.7 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure

The Simple Restrict plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.7 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to...

CVE-2024-11106

CVE-2024-11106 affects the Simple Restrict WordPress plugin, exposing sensitive data from restricted posts unauthenticated via WordPress core search in all versions up to 1.2.7. Red Hat and Wordfence entries confirm the vulnerability and its impact; remediation is to upgrade to 1.2.7+ (patched).

CVE-2019-11106

creationtimestamp| type| source ---|---|--- 2024-03-15 14:21:52+00:00| seen| https://t.me/ctinow/208767...

SUSE CVE-2019-11106

Insufficient session validation in the subsystem for IntelR CSME before versions 11.8.70, 12.0.45, 13.0.10 and 14.0.10; IntelR TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access...

Design/Logic Flaw

An issue was discovered on Samsung mobile devices with N7.x software. Dex Station allows App Pinning bypass and lock-screen bypass via the "Use screen lock type to unpin" option. The Samsung ID is SVE-2017-11106 February 2018...

CVE-2018-21082

An issue was discovered on Samsung mobile devices with N7.x software. Dex Station allows App Pinning bypass and lock-screen bypass via the "Use screen lock type to unpin" option. The Samsung ID is SVE-2017-11106 February 2018...

CVE-2018-21082

Affected product: Samsung mobile devices running N(7.x) with Dex Station. Issue: Dex Station enables App Pinning bypass and lock-screen bypass via the To unpin screen lock option. Root cause: bypass of app pinning/lock screen through the “Use screen lock type to unpin” flow. Impact: allows bypass...

CVE-2018-11106

creationtimestamp| type| source ---|---|--- 2020-04-01 20:58:16+00:00| seen| https://t.me/cibsecurity/10912...

CVE-2018-11106

NETGEAR has released fixes for a pre-authentication command injection in requesthandler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to...

CVE-2020-11106

Responsive Filemanager up to v9.14.0 contains a stored XSS in dialog.php caused by unsanitized $_SESSION['RF']['view_type'] when ajax_calls.php sets it (and then dialog.php reads it). This allows payloads injected via the type parameter in the view action to persist across navigation to dialog.ph...

CVE-2019-11106

Insufficient session validation in the subsystem for IntelR CSME before versions 11.8.70, 12.0.45, 13.0.10 and 14.0.10; IntelR TXE before versions 3.1.70 and 4.0.20 may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2019-11106

CVE-2019-11106 affects Intel CSME, TXE, AMT and related components. The issue is insufficient session validation in Intel CSME subsystems (and related TXE/AMT subsystems), potentially allowing a local attacker to escalate privileges. Affects CSME versions prior to 11.8.70, 12.0.45, 13.0.10 and 14...

Fedora Update for gnome-python2-extras FEDORA-2011-11106

Check for the Version of gnome-python2-extras OpenVAS Vulnerability Test Fedora Update for gnome-python2-extras FEDORA-2011-11106 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-11106

Check for the Version of perl-Gtk2-MozEmbed OpenVAS Vulnerability Test Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-11106 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...