Chromium: CVE-2026-11290 Integer overflow in WebView

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-11290

creationtimestamp| type| source ---|---|--- 2026-06-05 13:24:42+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918 2026-06-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260608 2026-06-09 18:00:00+00:00| seen|...

Linux Distros Unpatched Vulnerability : CVE-2026-11290

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to cause a denial of service via a malicious file...

CVE-2025-11290 CRMEB JWT HMAC Secret hard-coded key

A vulnerability was identified in CRMEB up to 5.6.1. This affects an unknown function of the component JWT HMAC Secret Handler. Such manipulation of the argument secret with the input default leads to use of hard-coded cryptographic key . It is possible to launch the attack remotely. Attacks of...

CVE-2020-11290

Use after free condition in msm ioctl events due to race between the ioctl register and deregister events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables...

CVE-2024-11290

creationtimestamp| type| source ---|---|--- 2025-01-07 04:38:05+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/315 2025-01-07 05:15:30+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4veq5r2422...

CVE-2024-11290 Member Access <= 1.1.6 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure

The Member Access plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.6 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to...

CVE-2024-11290

CVE-2024-11290 involves the WordPress plugin Member Access (WordPress Admin/RBAC plugin) with impact limited to Sensitive Information Exposure. According to Red Hat and Wordfence sources, all versions up to and including 1.1.6 are vulnerable, enabling unauthenticated attackers to leverage the Wor...

CVE-2019-11290

creationtimestamp| type| source ---|---|--- 2024-02-28 07:36:58+00:00| seen| https://t.me/ctinow/195158...

CVE-2020-11290

creationtimestamp| type| source ---|---|--- 2021-03-17 11:30:57+00:00| seen| https://t.me/cibsecurity/24996...

CVE-2020-11290

Use after free condition in msm ioctl events due to race between the ioctl register and deregister events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables...

CVE-2020-11290

CVE-2020-11290 is a use-after-free in Qualcomm MSM ioctl event handling caused by a race between ioctl register and deregister. Affected are Snapdragon products including Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, and Wearables. The issue stems from contention in the ioctl...

CVE-2020-11290

Use after free condition in msm ioctl events due to race between the ioctl register and deregister events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables...

CVE-2019-11290

Cloud Foundry UAA Release, versions prior to v74.8.0, logs all query parameters to tomcat’s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as well...

CVE-2019-11290

Cloud Foundry UAA before version 74.8.0 logs all query parameters to Tomcat’s access log; if those parameters carry credentials, they are logged as well, causing information disclosure. The vulnerability affects Cloud Foundry UAA and CF deployment lineages prior to upgrades cited by Cloud Foundry...

CVE-2019-11290 Cloud Foundry UAA logs query parameters in tomcat access file

Cloud Foundry UAA Release, versions prior to v74.8.0, logs all query parameters to tomcat’s access file. If the query parameters are used to provide authentication, ie. credentials, then they will be logged as well...

Multiple Cloud Foundry Products CVE-2019-11290 Information Disclosure Vulnerability

Description Multiple Cloud Foundry Products are prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. The following products are affected: Cloud Foundry UAA versions prior to 74.8.0 Cloud Found...

CVE-2018-11290

In Snapdragon Automobile, Mobile, Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCA6584, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820A, SD 845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDX20, SnapdragonHighMed2016, MAC...

CVE-2018-11290

CVE-2018-11290 concerns Qualcomm/Snapdragon platforms where MAC address randomization during probe requests is not properly implemented due to a flawed RNG. The NVD entry lists affected Snapdragon/Mobile/Wear families (e.g., MDM9xxx, SD/SM-series, Snapdragon_High_Med_2016) and explicitly states t...

CVE-2017-11290

Adobe Connect 9.6.2 and earlier are affected by multiple vulnerabilities described in APSB17-35. The issues include: (1) SSRF bypassing network controls (CVE-2017-11291), (2) reflected XSS vulnerabilities (CVE-2017-11287, CVE-2017-11288, CVE-2017-11289), and (3) a UI redress/clickjacking vulnerab...