CVE-2026-11304

creationtimestamp| type| source ---|---|--- 2026-06-05 03:11:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnj5ybwh2m2o 2026-06-05 13:24:44+00:00| seen| https://infosec.exchange/users/cR0w/statuses/116697713800926918...

CVE-2026-11304

CVE-2026-11304: Use-after-free in PDFium affecting Google Chrome prior to 149.0.7827.53. A crafted PDF could trigger heap corruption. Impact is tied to PDF rendering in Chrome; mitigation is to update Chrome to the patched build (149.0.7827.53+). If exploitation details are not present in the pro...

CVE-2025-11304

CodeCanyon/ui-lib Mentor LMS (CodeCanyon/ui-lib Mentor LMS) is affected up to version 1.1.1. The vulnerability lies in an unknown API functionality that can cause a permissive cross-domain policy with untrusted domains, enabling remote exploitation. The exploit has been published, and the vendor ...

CVE-2024-11304

Missing input validation in the SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver ProMAX, SEH Computertechnik INU-100 web-interface allows stored Cross-Site Scripting XSS. This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below...

CVE-2020-11304

Possible out of bound read in DRM due to improper buffer length check. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking...

SEH utnserver Pro 20.1.22 Cross Site Scripting

St. Pölten UAS 20241118-0 ------------------------------------------------------------------------------- title| Multiple Stored Cross-Site Scripting product| SEH utnserver Pro vulnerable version| 20.1.22 fixed version| 20.1.35 CVE number| CVE-2024-11304 impact| High homepage|...

CVE-2024-11304

creationtimestamp| type| source ---|---|--- 2024-11-18 17:23:20+00:00| seen| https://t.me/cvedetector/11351 2025-09-25 00:36:29+00:00| seen| MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51...

CVE-2024-11304 Multiple Stored Cross-Site Scripting

Missing input validation in the SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver ProMAX, SEH Computertechnik INU-100 web-interface allows stored Cross-Site Scripting XSS. This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below...

CVE-2024-11304

CVE-2024-11304 affects SEH Computertechnik utnserver Pro, ProMAX and INU-100 web interfaces. The root cause is missing input validation allowing stored Cross-Site Scripting (XSS) on versions 20.1.22 and earlier. Public sources confirm affected devices and show remediation paths: update to a newer...

Adobe Photoshop CC 18.1.1 < 18.1.2 / CC 2017.1.1 < 2017.1.2 Multiple Vulnerabilities (macOS APSB17-34)

The version of Adobe Photoshop CC installed on the remote macOS or Mac OS X host is prior to 18.1.2/2017.1.2. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb17-34 advisory. - An issue was discovered in Adobe Photoshop 18.1.1 2017.1.1 and earlier versions. An...

CVE-2020-11304

CVE-2020-11304 is a Qualcomm closed‑source component vulnerability describing an out-of-bounds read in DRM due to improper buffer length checks, impacting Snapdragon devices (e.g., Snapdragon Auto/Compute/Connectivity/IoT/Networking stacks). The CVE is listed with high impact (CVE/3.1) and high s...

CVE-2019-11304

...

CVE-2019-11304

CVE-2019-11304 entry is rejected/not used and does not represent an active vulnerability.

CVE-2020-17400

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

Design/Logic Flaw

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2020-17400

The CVE-2020-17400 entry concerns Parallels Desktop (vulnerable through the prl_hypervisor kext). A local attacker who can run low-privilege code can exploit an input-validation flaw that leads to a read past the end of an allocated buffer, enabling privilege escalation and code execution in the ...

CVE-2020-17400

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2018-11304

Possible buffer overflow in msmadspstreamcallbackput due to lack of input validation of user-provided data that leads to integer overflow in all Android releasesAndroid for MSM, Firefox OS for MSM, QRD Android from CAF using the Linux kernel...

CVE-2018-11304

CVE-2018-11304 describes a possible buffer overflow in msm_adsp_stream_callback_put caused by insufficient input validation of user-provided data, leading to an integer overflow across CAF-powered Android releases (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux kernel. The vuln...

CVE-2017-11304

Summary: CVE-2017-11304 affects Adobe Photoshop CC (as installed on macOS/Windows) version 18.1.1 (2017.1.1) and earlier. The connected documents identify an exploitable use-after-free condition in this Photoshop build that could, if exploited, lead to arbitrary code execution. The issue is part ...