Lucene search
K

20 matches found

SUSE CVE
SUSE CVE
added 2026/06/07 4:42 a.m.7 views

SUSE CVE-2026-11195

Inappropriate implementation in MHTML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.0019EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/06/05 2:0 p.m.10 views

Chromium: CVE-2026-11195 Inappropriate implementation in MHTML

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.4AI score0.0019EPSS
Exploits0
Circl
Circl
added 2026/06/05 1:24 p.m.10 views

CVE-2026-11195

creationtimestamp| type| source ---|---|--- 2026-06-05 13:24:24+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918 2026-06-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260608 2026-06-07 18:00:00+00:00| seen|...

6.5CVSS5.3AI score0.0019EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-11195

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in MHTML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures t...

6.5CVSS5.4AI score0.0019EPSS
Exploits0References2
NVD
NVD
added 2026/06/04 11:17 p.m.9 views

CVE-2026-11195

Inappropriate implementation in MHTML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.0019EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.29 views

CVE-2026-11195

Inappropriate implementation in MHTML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

0.0019EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 4:9 p.m.7 views

CVE-2020-11195

Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

7.8CVSS7.3AI score0.00161EPSS
Exploits0
Patchstack
Patchstack
added 2024/11/19 12:0 a.m.10 views

WordPress Email Subscription Popup Plugin <= 1.2.22 is vulnerable to Cross Site Scripting (XSS)

Software Email Subscription Popup Type Plugin Vulnerable versions = 1.2.22 Fixed in 1.2.23 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11195 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9dcd73e26d76 Credits Peter...

6.4CVSS6AI score0.0036EPSS
Exploits0References3Affected Software1
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.8 views

SA40771 - 2017-07 Security Bulletin: Pulse Connect Secure (PCS) / Pulse Policy Secure (PPS): Cross Site Scripting Issue

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. Multiple cross site scripting issues has been found in the Pulse Connect Secure / Pulse Policy Secure device. The cause of this issue is due to incorrect validation of user input sent t...

8.8CVSS6AI score0.00898EPSS
Exploits0
Circl
Circl
added 2021/02/22 12:28 p.m.3 views

CVE-2020-11195

creationtimestamp| type| source ---|---|--- 2021-02-22 12:28:00+00:00| seen| https://t.me/cibsecurity/23899...

7.8CVSS7.5AI score0.00161EPSS
Exploits0References1
NVD
NVD
added 2021/02/22 7:15 a.m.22 views

CVE-2020-11195

Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

7.8CVSS0.00161EPSS
Exploits0References1
CVE
CVE
added 2021/02/22 6:25 a.m.83 views

CVE-2020-11195

CVE-2020-11195 concerns an out-of-bounds read/write in the Trust Authority (TA) when processing commands from the NS side, caused by an improper length check on command and response buffers. Affected are Snapdragon platforms including Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mob...

7.8CVSS7.7AI score0.00161EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2021/02/09 6:15 p.m.18 views

CVE-2020-17422

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

4.3CVSS0.02723EPSS
Exploits0References2
Prion
Prion
added 2021/02/09 6:15 p.m.20 views

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

4.3CVSS3.3AI score0.02723EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/02/09 3:46 p.m.45 views

CVE-2020-17422

Foxit Studio Photo information disclosure (CVE-2020-17422) stems from improper validation in EPS file parsing, causing an out-of-bounds read of an allocated structure. Affected versions include Foxit Studio Photo 3.6.6.x; an attacker must lure a user to open a malicious page/file, enabling inform...

4.3CVSS3.3AI score0.02723EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/02/09 3:46 p.m.31 views

CVE-2020-17422

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...

3.3CVSS3.3AI score0.02723EPSS
Exploits0References2
OSV
OSV
added 2018/06/01 7:29 p.m.10 views

CVE-2018-11195

Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 are vulnerable to the browser "back and refresh" attack. This allows malicious users with physical access to the web browser of a Mahara user, after they have logged in, to potentially gain access to their Mahara...

6.8CVSS6.8AI score
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/06/01 7:29 p.m.21 views

CVE-2018-11195

Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 are vulnerable to the browser "back and refresh" attack. This allows malicious users with physical access to the web browser of a Mahara user, after they have logged in, to potentially gain access to their Mahara...

6.8CVSS6.8AI score0.00521EPSS
Exploits1References3
Cvelist
Cvelist
added 2018/06/01 7:0 p.m.17 views

CVE-2018-11195

Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 are vulnerable to the browser "back and refresh" attack. This allows malicious users with physical access to the web browser of a Mahara user, after they have logged in, to potentially gain access to their Mahara...

6.7AI score0.00521EPSS
Exploits1References2
CVE
CVE
added 2017/07/12 8:0 p.m.59 views

CVE-2017-11195

Pulse Connect Secure 8.3R1 is affected by a reflected XSS in launchHelp.cgi. The helpLaunchPage parameter is echoed inside an IFRAME when it contains two quotes, with sanitization preventing simple quote closure but allowing javascript: or data: schemes to be abused. Affected component: launchHel...

6.1CVSS5.9AI score0.00898EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder