CVE-2026-11658 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-11658 vulnerabilities

Vulnerabilities for packages: chromium...

Linux Distros Unpatched Vulnerability : CVE-2026-11658

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer...

CVE-2026-11658

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

CVE-2019-11658

Information exposure in Micro Focus Content Manager, versions 9.1, 9.2 and 9.3. This vulnerability when configured to use an Oracle database, allows valid system users to gain access to a limited subset of records they would not normally be able to access when the system is in an undisclosed...

CVE-2025-11658

CVE-2025-11658 affects ProjectsAndPrograms School Management System. The issue resides in the PHP file /assets/changeSllyabus.php, where an unknown function mishandles the File argument, allowing unrestricted remote file uploads. Exploitation is public and can be leveraged remotely, with no versi...

CVE-2020-11658

CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization...

CVE-2024-11658

creationtimestamp| type| source ---|---|--- 2024-11-25 06:02:18+00:00| seen| https://infosec.exchange/users/cve/statuses/113542072755611121...

SUSE CVE-2017-11658

In the WP Rocket plugin 2.9.3 for WordPress, the Local File Inclusion mitigation technique is to trim traversal characters .. -- however, this is insufficient to stop remote attacks and can be bypassed by using 0x00 bytes, as demonstrated by a .%00.../.%00.../ attack...

CVE-2020-11658

CVE-2020-11658 affects the Broadcom/CA API Developer Portal (versions 4.3.1 and earlier). The root cause is insecure handling of shared secret keys, which can let an attacker bypass authorization. The issue is classified with high to critical impact (CVSS scores: CVSS v3.1 base 9.8, HIGH confiden...

CVE-2020-11658

CA API Developer Portal 4.3.1 and earlier handles shared secret keys in an insecure manner, which allows attackers to bypass authorization...

CVE-2019-11658

The CVE-2019-11658 entry describes Information exposure in Micro Focus Content Manager (versions 9.1, 9.2, 9.3) when configured to use an Oracle database. The underlying issue permits valid system users to access a limited subset of records they would not normally access, particularly in an undis...

CVE-2017-11658

WP Rocket plugin for WordPress (version 2.9.3) is vulnerable to a Local File Inclusion bypass. The mitigation that trims traversal sequences (..) is ineffective when attackers can inject 0x00 bytes, enabling a remote attacker to bypass security restrictions via a null-byte injection (illustrated ...