Chromium: CVE-2026-11629 Use after free in Ozone

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-11629 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-11629 vulnerabilities

Vulnerabilities for packages: chromium...

SUSE CVE-2026-11629

Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-11629

Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

Linux Distros Unpatched Vulnerability : CVE-2026-11629

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Google Chrome < 149.0.7827.102 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 149.0.7827.102. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop0153744567 advisory. - Use after free in Tracing in Google Chrome prior to 149.0.7827.103...

CVE-2025-11629

A vulnerability has been found in RainyGao DocSys up to 2.02.36. This impacts the function getUserList of the file /Manage/getUserList.do. Such manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vend...

CVE-2024-11629

In Progress® Telerik® Document Processing Libraries, versions prior to 2025 Q1 2025.1.205, using .NET Standard 2.0, the contents of a file at an arbitrary path can be exported to RTF...

CVE-2024-11629

In Progress® Telerik® Document Processing Libraries, versions prior to 2025 Q1 2025.1.205, using .NET Standard 2.0, the contents of a file at an arbitrary path can be exported to RTF...

CVE-2024-11629

creationtimestamp| type| source ---|---|--- 2025-02-12 16:25:51+00:00| seen| https://infosec.exchange/users/cve/statuses/113991847200237351 2025-02-12 17:15:41+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhyofoqzd72a 2025-02-12 18:19:53+00:00| seen|...

CVE-2024-11629 Telerik Document Processing RTF Export of Arbitrary File Path

In Progress® Telerik® Document Processing Libraries, versions prior to 2025 Q1 2025.1.205, using .NET Standard 2.0, the contents of a file at an arbitrary path can be exported to RTF...

CVE-2024-11629 Telerik Document Processing RTF Export of Arbitrary File Path

In Progress® Telerik® Document Processing Libraries, versions prior to 2025 Q1 2025.1.205, using .NET Standard 2.0, the contents of a file at an arbitrary path can be exported to RTF...

CVE-2024-11629

CVE-2024-11629 affects Progress Telerik Document Processing Libraries (prior to 2025 Q1, version 2025.1.205) when targeting .NET Standard 2.0. The issue allows exporting the contents of a file at an arbitrary path to RTF, indicating an potential arbitrary file read/export vulnerability due to the...

CVE-2020-11629

EJBCA before 6.15.2.6 and 7.x before 7.3.1.2 is affected by a vulnerability in the External Command Certificate Validator . The validator allows uploading external linters to validate certificates, and is described as saving uploaded test certificates to the server. An attacker who gains access t...

CVE-2019-11629

Sonatype Nexus Repository Manager 2.x before 2.14.13 allows XSS...

CVE-2019-11629

CVE-2019-11629 concerns Nexus Repository Manager 2.x prior to 2.14.13, where a cross-site scripting (XSS) vulnerability exists in the web application. Description in the provided documents states that the vulnerability allows XSS but does not detail specific affected components beyond the product...

CVE-2018-11629

Default and unremovable support credentials user:lutron password:integration allow attackers to gain total super user control of an IoT device through a TELNET session to products using the HomeWorks QS Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not...

CVE-2018-11629

Default and unremovable support credentials user:lutron password:integration allow attackers to gain total super user control of an IoT device through a TELNET session to products using the HomeWorks QS Lutron integration protocol Revision M to Revision Y. NOTE: The vendor disputes this id as not...

CVE-2018-11629

CVE-2018-11629 affects Lutron HomeWorks QS devices using the HomeWorks QS integration protocol (Rev M–Y). The issue arises from default, unremovable credentials (user: lutron, password: integration) that permit Telnet access and full admin-like control of the IoT device. Exploitation appears to e...