Chromium: CVE-2026-11670 Use after free in PDF

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-11670 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-11670 vulnerabilities

Vulnerabilities for packages: chromium...

Linux Distros Unpatched Vulnerability : CVE-2026-11670

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in PDF in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file...

CVE-2026-11670

Use after free in PDF in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

CVE-2025-11670

Zohocorp ManageEngine ADManager Plus versions before 8025 are vulnerable to NTLM Hash Exposure. This vulnerability is exploitable only by technicians who have the “Impersonate as Admin” option enabled...

CVE-2024-11670

Incorrect authorization in the permission validation component of Devolutions Remote Desktop Manager 2024.2.21 and earlier on Windows allows a malicious authenticated user to bypass the "View Password" permission via specific actions...

CVE-2024-11670

Incorrect authorization in the permission validation component of Devolutions Remote Desktop Manager 2024.2.21 and earlier on Windows allows a malicious authenticated user to bypass the "View Password" permission via specific actions...

CVE-2024-11670

creationtimestamp| type| source ---|---|--- 2024-11-25 14:52:48+00:00| seen| https://infosec.exchange/users/cve/statuses/113544158796765601...

CVE-2024-11670

Incorrect authorization in the permission validation component of Devolutions Remote Desktop Manager 2024.2.21 and earlier on Windows allows a malicious authenticated user to bypass the "View Password" permission via specific actions...

GreenCMS 2.3.0603 - Cross-Site Request Forgery / Remote Code Execution Vulnerabilities

Exploit for php platform in category web applications Exploit Title: GreenCMS v2.3.0603 CSRF vulnerability get webshell Exploit Author: xichao Vendor Homepage: https://github.com/GreenCMS/GreenCMS Software Link: https://github.com/GreenCMS/GreenCMS Version: v2.3.0603 CVE : CVE-2018-11670 An issue...

GreenCMS 2.3.0603 Cross Site Request Forgery

Exploit 1 of 2: Exploit Title: GreenCMS v2.3.0603 CSRF vulnerability get webshell Date: 2018-06-02 Exploit Author: xichao Vendor Homepage: https://github.com/GreenCMS/GreenCMS Software Link: https://github.com/GreenCMS/GreenCMS Version: v2.3.0603 CVE : CVE-2018-11670 An issue was discovered in...

GreenCMS 2.3.0603 - Cross-Site Request Forgery Remote Code Execution

GreenCMS 2.3.0603 - Cross-Site Request Forgery Remote Code Execution Exploit Title: GreenCMS v2.3.0603 CSRF vulnerability get webshell Date: 2018-06-02 Exploit Author: xichao Vendor Homepage: https://github.com/GreenCMS/GreenCMS Software Link: https://github.com/GreenCMS/GreenCMS Version: v2.3.06...

GreenCMS 2.3.0603 - Cross-Site Request Forgery / Remote Code Execution

Exploit Title: GreenCMS v2.3.0603 CSRF vulnerability get webshell Date: 2018-06-02 Exploit Author: xichao Vendor Homepage: https://github.com/GreenCMS/GreenCMS Software Link: https://github.com/GreenCMS/GreenCMS Version: v2.3.0603 CVE : CVE-2018-11670 An issue was discovered in GreenCMS v2.3.0603...

CVE-2018-11670

GreenCMS v2.3.0603 is affected by CVE-2018-11670: a CSRF weakness in index.php?m=admin&c=media&a=fileconnect enables an attacker to execute arbitrary PHP code, effectively a remote code execution path. Multiple public sources describe the vulnerability as triggered by submitting a crafted content...

CVE-2017-11670

The CVE-2017-11670 entry concerns eapmd5pass 1.4, where a length validation flaw in extract_eapusername allows an out-of-bounds read/write. A remote attacker could crash the eapmd5pass process by sending specially crafted network traffic. Connected sources (CNVD/NVD) corroborate the remote‑trigge...

loveroms.com IFRAME Injection vulnerability

Vulnerable URL: https://www.loveroms.com/roms.php?q=""; XANY Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| IFRAME Injection Vulnerability status:| Publicly disclosed Alexa Rank| 11670 VIP website status:| Yes Coordinated Disclosure Timeline: Description| Value ---|---...