Chromium: CVE-2026-11641 Use after free in Bluetooth

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-11641

Use after free in Bluetooth in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-11641

Use after free in Bluetooth in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

CVE-2024-11641

creationtimestamp| type| source ---|---|--- 2025-01-26 11:16:07+00:00| seen| https://infosec.exchange/users/cve/statuses/113894369969710978 2025-01-26 12:15:50+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgnfptvatp2j 2025-01-26 13:06:18+00:00| seen|...

CVE-2024-11641 VikBooking Hotel Booking Engine & PMS <= 1.7.2 - Cross-Site Request Forgery to Authenticated (Subscriber+) Arbitrary File Upload

The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.2. This is due to missing or incorrect nonce validation on the 'save' function. This makes it possible for unauthenticated attackers to change plugi...

CVE-2024-11641 VikBooking Hotel Booking Engine & PMS <= 1.7.2 - Cross-Site Request Forgery to Authenticated (Subscriber+) Arbitrary File Upload

The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.2. This is due to missing or incorrect nonce validation on the 'save' function. This makes it possible for unauthenticated attackers to change plugi...

CVE-2020-11641 SiteManager Local File Inclusion Vulnerability

A local file inclusion vulnerability in B&R SiteManager versions 9.2.620236042 allows authenticated users to read sensitive files from SiteManager instances...

CVE-2020-11641

CVE-2020-11641 is a path traversal vulnerability affecting B&R SiteManager (all versions before v9.2.620236042) and GateManager (before v9.0.20262 for 4260/9250, and before v9.2.620236042 for 8250). The authenticated attacker can read sensitive files from SiteManager instances, leveraging imprope...

CVE-2020-11641

creationtimestamp| type| source ---|---|--- 2020-10-01 14:57:00+00:00| seen| https://t.me/truesecator/999...

B&R Automation SiteManager and GateManager

1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: B&R Industrial Automation GmbH Equipment: SiteManager and GateManager Vulnerabilities: Path Traversal, Uncontrolled Resource Consumption, Information Exposure, Improper Authentication, Information...

CVE-2019-11641

Anomali Agave formerly Drupot through 1.0.0 fails to avoid fingerprinting by including predictable data and minimal variation in size within HTML templates, giving attackers the ability to detect and avoid this system...

CVE-2019-11641

CVE-2019-11641 affects Anomali Agave (formerly Drupot) up to version 1.0.0. The root cause is fingerprinting via predictable data and minimal variation in HTML template sizes, enabling attackers to detect and avoid the system. Impact is limited to detection/avoidance as described; no explicit exp...

CVE-2018-11641

Use of Hard-coded Credentials in /var/www/xms/application/controllers/gatherLogs.php in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to interact with a web service...

CVE-2018-11641

Use of Hard-coded Credentials in /var/www/xms/application/controllers/gatherLogs.php in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to interact with a web service...

CVE-2018-11641

The vulnerability CVE-2018-11641 affects Dialogic PowerMedia XMS (administrative console) where the file /var/www/xms/application/controllers/gatherLogs.php uses hard-coded credentials. This allows remote attackers to interact with the web service in PowerMedia XMS 3.5 and earlier. Root cause is ...

Fedora Update for GraphicsMagick FEDORA-2018-bfb9835edd

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 27 : GraphicsMagick (2018-7c61d08c4f)

Latest stable release, includes many bug and security fixes. See also http://www.graphicsmagick.org/NEWS.htmljanuary-20-2017 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clea...

UBUNTU-CVE-2017-11641

GraphicsMagick 1.3.26 has a Memory Leak in the PersistCache function in magick/pixelcache.c during writing of Magick Persistent Cache MPC files...

CVE-2017-11641

GraphicsMagick 1.3.26 contains a Memory Leak in PersistCache (magick/pixel_cache.c) during writing of Magick Persistent Cache (MPC) files. Connected advisories (openSUSE-2018-407, USN-4222-1, DSA-4321-1, ALAS-2018-966) indicate this CVE-2017-11641 is among a set of related fixes; remediation is t...