Chromium: CVE-2026-11147 Use after free in WebML

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-11147

creationtimestamp| type| source ---|---|--- 2026-06-05 07:01:20+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnjkx645qb2r 2026-06-05 13:24:15+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918...

CVE-2026-11147

Use after free in WebML in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

CVE-2019-11147

Insufficient access control in hardware abstraction driver for MEInfo software for IntelR CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45, 13.0.0, 14.0.10; TXEInfo software for IntelR TXE before versions 3.1.70 and 4.0.20; INTEL-SA-00086 Detection Tool version 1.2.7.0 or before;...

DEBIAN-CVE-2025-11147

Reflected cross-site scripting XSS in Apt-Cacher-NG v3.2.1. The vulnerability allows malicious scripts XSS to be executed in “/html/.html”...

CVE-2025-11147

Reflected cross-site scripting XSS in Apt-Cacher-NG v3.2.1. The vulnerability allows malicious scripts XSS to be executed in “/html/.html”...

CVE-2025-11147

creationtimestamp| type| source ---|---|--- 2025-09-29 09:56:29+00:00| seen| Telegram/q8KwOg9iKnetYlSdRIom8jtJP0HSh4DcfwiV2v0KYh96II...

CVE-2025-11147

Reflected cross-site scripting XSS in Apt-Cacher-NG v3.2.1. The vulnerability allows malicious scripts XSS to be executed in “/html/.html”...

CVE-2020-11147

Use after free issue in audio modules while removing and freeing objects during list iteration due to incorrect usage of macro in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile...

Linux Distros Unpatched Vulnerability : CVE-2017-11147

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter o...

CVE-2024-11147

ECOVACS robot lawnmowers and vacuums use a deterministic root password generated based on model and serial number. An attacker with shell access can login as root...

CVE-2019-11147

creationtimestamp| type| source ---|---|--- 2024-03-15 14:52:15+00:00| seen| https://t.me/ctinow/208816...

SUSE CVE-2017-11147

In PHP before 5.6.30 and 7.x before 7.0.15, the PHAR archive handler could be used by attackers supplying malicious archive files to crash the PHP interpreter or potentially disclose information due to a buffer over-read in the pharparsepharfile function in ext/phar/phar.c...

Ubuntu: Security Advisory (USN-3382-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2522-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2303-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2317-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-11147

CVE-2020-11147 affects Snapdragon Compute, Snapdragon Industrial IOT, and Snapdragon Mobile: a use-after-free in audio modules caused by incorrect macro usage during list iteration when removing/freeing objects. Root cause is the macro misuse leading to freeing objects while iterating. Documented...

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-2221)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-11147

CVE-2019-11147 involvesInsufficient access control in the Intel CSME hardware abstraction driver (MEInfo) and related TXE/Detection Tool components, potentially allowing an authenticated user to escalate privileges via local access. Red Hat and CVE records describe the same issue and list affecte...