Chromium: CVE-2026-11663 Use after free in Skia

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-11663 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-11663

CVE-2026-11663 concerns Google Chrome affected by a use-after-free in Skia prior to version 149.0.7827.103. If a renderer-process compromise occurs, a crafted HTML page could potentially enable a sandbox escape. The vulnerability is described with a high severity. The document set indicates the f...

CVE-2026-11663

creationtimestamp| type| source ---|---|--- 2026-06-08 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260609 2026-06-15 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260616...

CVE-2019-11663

Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure...

CVE-2025-11663

A weakness has been identified in Campcodes Online Beauty Parlor Management System 1.0. The affected element is an unknown function of the file /admin/manage-services.php. This manipulation of the argument sername causes sql injection. The attack can be initiated remotely. The exploit has been ma...

CVE-2024-11663

creationtimestamp| type| source ---|---|--- 2024-11-25 08:35:47+00:00| seen| https://infosec.exchange/users/cve/statuses/113542676266150593...

CVE-2024-11663 Codezips E-Commerce Site search.php sql injection

A vulnerability classified as critical was found in Codezips E-Commerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument keywords leads to sql injection. The attack can be launched remotely. The exploit has been disclose...

CVE-2024-11663

Codezips E-Commerce Site 1.0 (search.php) is affected. The root cause is manipulation of the keywords argument, leading to an SQL injection vulnerability. The issue can be exploited remotely and has been publicly disclosed. Affected components: the search.php functionality; the vulnerability impa...

Ubuntu 16.04 ESM : WildMIDI vulnerabilities (USN-4807-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4807-1 advisory. It was discovered that WildMIDI incorrectly handled certain MID files. A remote attacker could possibly use this issue to cause a denial of service...

CVE-2018-11663

...

CVE-2018-11663

CVE-2018-11663 entry is rejected/not used and does not represent an active vulnerability.

CVE-2020-11663

The CVE-2020-11663 entry affects CA API Developer Portal versions up to 4.3.1. The root cause is insecure handling of 404 responses, which can enable open redirect attacks. Exploitation details or affected environments are not provided in the connected documents; no patch/version remediations are...

CVE-2019-11663

The CVE-2019-11663 issue affects Micro Focus Service Manager running on Tomcat and is documented in connected sources as exposing clear text credentials when accessing the managers app. Affected versions include 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, and 9.6...

Updated wildmidi packages fix security vulnerabilities

The WMSetupMidiEvent function in internalmidi.c:2318 in WildMIDI before 0.4.2 can cause a denial of serviceinvalid memory read and application crash via a crafted mid file CVE-2017-11661. The WMParseNewMidi function in fmidi.c in WildMIDI before 0.4.2 can cause a denial of serviceinvalid memory...

Fedora Update for wildmidi FEDORA-2017-dabf9a64d9

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-11663

The WMSetupMidiEvent function in internalmidi.c:2315 in WildMIDI 0.4.2 can cause a denial of service invalid memory read and application crash via a crafted mid file...

CVE-2017-11663

The WMSetupMidiEvent function in internalmidi.c:2315 in WildMIDI 0.4.2 can cause a denial of service invalid memory read and application crash via a crafted mid file...

CVE-2017-11663

The WMSetupMidiEvent function in internalmidi.c:2315 in WildMIDI 0.4.2 can cause a denial of service invalid memory read and application crash via a crafted mid file...

CVE-2017-11663

CVE-2017-11663 affects WildMIDI 0.4.2 and is caused by a flaw in the _WM_SetupMidiEvent function (internal_midi.c:2315) that can trigger a denial of service via a crafted MIDI file (invalid memory read, application crash). Several connected advisories reflect that upstream patches were released t...