15 matches found
CVE-2026-11635 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-11635
An use after free flaw was found in the Bluetooth component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516987814...
SUSE CVE-2026-11635
Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-11635
Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
DEBIAN-CVE-2026-11635
Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
Linux Distros Unpatched Vulnerability : CVE-2026-11635
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially...
CVE-2024-11635 WordPress File Upload <= 4.24.12 - Unuathenticated Remote Code Execution
The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.24.12 via the 'wfuABSPATH' cookie parameter. This makes it possible for unauthenticated attackers to execute code on the server...
CVE-2024-11635 WordPress File Upload <= 4.24.12 - Unuathenticated Remote Code Execution
The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.24.12 via the 'wfuABSPATH' cookie parameter. This makes it possible for unauthenticated attackers to execute code on the server...
CVE-2024-11635
creationtimestamp| type| source ---|---|--- 2025-01-07 21:01:36+00:00| seen| https://bsky.app/profile/abrahack.bsky.social/post/3lf6kaflqkk2d 2025-01-08 07:20:59+00:00| seen| https://infosec.exchange/users/cve/statuses/113791523823209673 2025-01-08 07:38:26+00:00| published-proof-of-concept|...
CVE-2020-11635
CVE-2020-11635 affects Zscaler Client Connector prior to 3.1.0. The issue is insufficient validation of RPC clients, allowing a local adversary to execute code with system privileges or perform privileged actions. Affected component is the client connector’s RPC handling; impact is described as c...
CVE-2018-11635
Use of a Hard-coded Cryptographic Key used to protect cookie session data in /var/www/xms/application/config/config.php in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to bypass authentication...
CVE-2018-11635
Dialogic PowerMedia XMS (administration console) is affected by CVE-2018-11635 due to a hard-coded cryptographic key used to protect cookie session data in /var/www/xms/application/config/config.php. This vulnerability enables remote attackers to bypass authentication in PowerMedia XMS versions u...
CVE-2017-11635
An issue was discovered on Wireless IP Camera 360 devices. Attackers can read recordings by navigating to /mnt/idea0 or /mnt/idea1 on the SD memory card...
CVE-2017-11635
An issue was discovered on Wireless IP Camera 360 devices. Attackers can read recordings by navigating to /mnt/idea0 or /mnt/idea1 on the SD memory card...
CVE-2017-11635
CVE-2017-11635 affects Wireless IP Camera 360 devices. The vulnerability enables an attacker to read stored recordings by accessing the SD card via the unsupported paths /mnt/idea0 or /mnt/idea1 . The root cause is disclosed as an information disclosure issue on these devices, leading to partial ...