13 matches found
CVE-2026-11390
creationtimestamp| type| source ---|---|--- 2026-07-14 05:40:57+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqline2oyb2x...
CVE-2019-11390
An issue was discovered in OWASP ModSecurity Core Rule Set CRS through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote attackers to cause a denial of service ReDOS by entering a specially crafted string with seterrorhandler at the beginning and nested repetition operators. NOT...
CVE-2025-11390
creationtimestamp| type| source ---|---|--- 2025-10-07 12:55:14+00:00| seen| Telegram/GgQFAnUa-IztbBVcnUBSKBJWWAWhtkxjzAgcfhW6GKKw...
CVE-2024-11390
Unrestricted upload of a file with dangerous type in Kibana can lead to arbitrary JavaScript execution in a victim’s browser XSS via crafted HTML and JavaScript files. The attacker must have access to the Synthetics app AND/OR have access to write to the synthetics indices...
CVE-2024-11390
Unrestricted upload of a file with dangerous type in Kibana can lead to arbitrary JavaScript execution in a victim’s browser XSS via crafted HTML and JavaScript files. The attacker must have access to the Synthetics app AND/OR have access to write to the synthetics indices...
CVE-2024-11390 Kibana Unrestricted Upload of File with Dangerous Type Can Lead to XSS
Unrestricted upload of a file with dangerous type in Kibana can lead to arbitrary JavaScript execution in a victim’s browser XSS via crafted HTML and JavaScript files. The attacker must have access to the Synthetics app AND/OR have access to write to the synthetics indices...
CVE-2024-11390 Kibana Unrestricted Upload of File with Dangerous Type Can Lead to XSS
Unrestricted upload of a file with dangerous type in Kibana can lead to arbitrary JavaScript execution in a victim’s browser XSS via crafted HTML and JavaScript files. The attacker must have access to the Synthetics app AND/OR have access to write to the synthetics indices...
CVE-2020-11390
...
CVE-2020-11390
CVE-2020-11390 is rejected/not used per the description; this entry does not represent an active vulnerability.
CVE-2019-11390
An issue was discovered in OWASP ModSecurity Core Rule Set CRS through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote attackers to cause a denial of service ReDOS by entering a specially crafted string with seterrorhandler at the beginning and nested repetition operators. NOT...
CVE-2017-11390
XML external entity XXE processing vulnerability in Trend Micro Control Manager 6.0, if exploited, could lead to information disclosure. Formerly ZDI-CAN-4706...
CVE-2017-11390
This CVE concerns an XML External Entity (XXE) processing vulnerability in Trend Micro Control Manager 6.0. The issue stems from XXE handling in the product’s input processing, enabling information disclosure if an attacker supplies malicious XML. Multiple connected sources (NVD entry, ZDI adviso...
JasPer Denial of Service Vulnerability (CNVD-2016-11390)
JasPer is an open source implementation of the JPEG-2000 codec . A denial of service vulnerability exists in JasPer. An attacker exploiting this vulnerability could cause a denial of service breach...