Chromium: CVE-2026-11146 Insufficient validation of untrusted input in Chromoting

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-11146

creationtimestamp| type| source ---|---|--- 2026-06-05 13:24:15+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918 2026-06-07 10:01:21+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnovww6yc625 2026-06-07 18:00:00+00:00| seen|...

Linux Distros Unpatched Vulnerability : CVE-2026-11146

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer...

CVE-2019-11146

Improper file verification in Intel® Driver & Support Assistant before 19.7.30.2 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2025-11146

Reflected Cross-site scripting XSS in Apt-Cacher-NG v3.2.1. The vulnerability allows an attacker to execute malicious scripts XSS in the web management application. The vulnerability is caused by improper handling of GET inputs included in the URL in “/acng-report.html”. Mitigation Mitigation for...

CVE-2025-11146

creationtimestamp| type| source ---|---|--- 2025-09-29 09:56:31+00:00| seen| Telegram/YV40XV-S2LZK8j3iuG6-OhdgN0gfiSEwpR3g6jDmlH9q6w...

CVE-2020-11146

Out of bound write while copying data using IOCTL due to lack of check of array index received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2024-11146

creationtimestamp| type| source ---|---|--- 2025-01-17 05:28:20+00:00| seen| https://infosec.exchange/users/cve/statuses/113842041671276996 2025-01-17 05:56:43+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2099 2025-01-17 06:15:30+00:00| seen|...

CVE-2024-11146 TrueFiling authorization bypass via user-controlled keys

TrueFiling is a collaborative, web-based electronic filing system where attorneys, paralegals, court reporters and self-represented filers collect public legal documentation into cases. TrueFiling is an entirely cloud-hosted application. Prior to version 3.1.112.19, TrueFiling trusted some...

CVE-2024-11146 TrueFiling authorization bypass via user-controlled keys

TrueFiling is a collaborative, web-based electronic filing system where attorneys, paralegals, court reporters and self-represented filers collect public legal documentation into cases. TrueFiling is an entirely cloud-hosted application. Prior to version 3.1.112.19, TrueFiling trusted some...

CVE-2024-11146

TrueFiling (cloud-hosted filing system) prior to version 3.1.112.19 trusts client-controlled identifiers passed in URLs, enabling authenticated users to manipulate identifiers to gain partial access to case information and to partially change user access. The issue is a user-controlled authorizat...

SUSE: Security Advisory (SUSE-SU-2017:2303-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2522-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2317-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-11146

CVE-2020-11146 describes an out-of-bounds write during IOCTL data copying due to missing check of a user-provided array index in Qualcomm Snapdragon components (across Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wearables). This enables a local att...

CVE-2019-11146

Improper file verification in Intel® Driver & Support Assistant before 19.7.30.2 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2019-11146

Intel Driver & Support Assistant (before 19.7.30.2) is affected by CVE-2019-11146 due to improper file verification, which may allow an authenticated user to escalate privileges via local access. The issue is reported across multiple sources, including Intel’s advisory (Intel-SA-00276) and Red Ha...

Intel® Driver & Support Assistant Advisory

Summary: A potential security vulnerability in Intel® Driver & Support Assistant may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2019-11145 Description: Improper directory permissions for Intel®...

SUSE SLES12 Security Update : php5 (SUSE-SU-2017:2317-1)

This update for php5 fixes the following issues : - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11143: An invalid free in the WDDX deserialization of booleanparameters could be used by attackers able to inject XML for deserialization tocrash the PHP...

SUSE SLES12 Security Update : php7 (SUSE-SU-2017:2303-1)

This update for php7 fixes the following issues : - CVE-2016-10397: parseurl can be bypassed to return fake host. bsc1047454 - CVE-2017-11142: Remoteattackers could cause a CPU consumption denial of service attack by injectinglong form variables, related to main/phpvariables. bsc1048100 -...