CVE-2026-11271

creationtimestamp| type| source ---|---|--- 2026-06-05 13:24:38+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918 2026-06-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260608 2026-06-07 18:00:00+00:00| seen|...

CVE-2026-11271

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

CVE-2025-11271

creationtimestamp| type| source ---|---|--- 2025-11-06 06:46:16+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m4wxphebejf2 2025-11-06 08:03:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m4x42tp2hy2q...

CVE-2025-11271

The CVE-2025-11271 entry concerns WordPress Easy Digital Downloads (EDD) plugin versions up to and including 3.5.2. The vulnerability is an order verification bypass: the POST parameter verification_override=1 causes the verification check to be skipped unconditionally, enabling an attacker to su...

WordPress Easy Digital Download plugin <= 3.5.2 - Insufficient Verification to Order Manipulation vulnerability

Insufficient Verification to Order Manipulation vulnerability discovered by Jay - Student in WordPress Plugin Easy Digital Downloads versions = 3.5.2...

CVE-2020-11271

Possible out of bounds while accessing global control elements due to race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired...

CVE-2024-11271

The CVE-2024-11271 entry concerns the WordPress Webinar Plugin – WebinarPress (WP Webinar System) vulnerable to data modification due to a missing capability check in multiple functions. Affected versions include all up to 1.33.24. The vulnerability allows authenticated users with subscriber-leve...

CVE-2024-11271 WordPress Webinar Plugin – WebinarPress <= 1.33.24 - Missing Authorization to Authenticated (Subscriber+) Webinar Updates

The WordPress Webinar Plugin – WebinarPress plugin for WordPress is vulnerable to modification of data due to a missing capability check on several functions in all versions up to, and including, 1.33.24. This makes it possible for authenticated attackers, with subscriber-level access and above, ...

CVE-2020-11271

creationtimestamp| type| source ---|---|--- 2021-02-22 12:28:15+00:00| seen| https://t.me/cibsecurity/23910...

CVE-2020-11271

CVE-2020-11271 describes a race-condition vulnerability causing possible out-of-bounds access when handling global control elements in Qualcomm Snapdragon firmware across multiple platforms (Snapdragon Auto/Compute/Connectivity, IoT, Mobile, Wearables, etc.). The issue is characterized by local a...

Pivotal Ops Manager CVE-2019-11271 Local Information Disclosure Vulnerability

Description Pivotal Ops Manager is prone to local information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. Technologies Affected Pivotal Cloud Foundry Ops Manager 2.3 Pivotal Cloud Foundry Ops Manager 2.3.0...

CVE-2019-11271

Cloud Foundry BOSH 270.x versions prior to v270.1.1, contain a BOSH Director that does not properly redact credentials when configured to use a MySQL database. A local authenticated malicious user may read any credentials that are contained in a BOSH manifest...

CVE-2019-11271

Cloud Foundry BOSH 270.x versions prior to 270.1.1 contain a BOSH Director that does not redact credentials when configured to use a MySQL database. A local authenticated attacker can read credentials contained in a BOSH manifest. Affected product/version: Cloud Foundry BOSH (270.x) before 270.1....

CVE-2018-11271

CVE-2018-11271 is an improper authentication vulnerability affecting Qualcomm Snapdragon platforms (broad range of Snapdragon Auto/Compute/Connectivity/IoT families and related devices). The issue relates to remote command handling caused by improper event handling, enabling potential unauthorize...

CVE-2018-11271

Improper authentication can happen on Remote command handling due to inappropriate handling of events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607,...

CVE-2017-11271

Adobe Acrobat/Reader CVE-2017-11271 is described as an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format data, potentially leading to arbitrary code execution. Affected software includes Adobe Acrobat Reader 2017.009.20058 and earl...

Icecast (<= 2.0.1) Header Overwrite (win32)

No description provided by source. $Id: icecastheader.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...