20 matches found
CVE-2026-11679 vulnerabilities
Vulnerabilities for packages: chromium...
DEBIAN-CVE-2026-11679
Use after free in Codecs in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
Linux Distros Unpatched Vulnerability : CVE-2026-11679
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Codecs in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially...
CVE-2026-11679
CVE-2026-11679 : Use-after-free in Codecs within Google Chrome on Windows, fixed in the 149.0.7827.103 (and later) update. The vulnerability could allow a remote attacker who has compromised the renderer process to perform a sandbox escape via a crafted HTML page. Affected product is Google Chrom...
CVE-2026-11679
creationtimestamp| type| source ---|---|--- 2026-06-08 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260609 2026-06-09 09:01:06+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnttiyjrjy2s 2026-06-15 18:00:00+00:00|...
Fedora: Security Advisory (FEDORA-2025-0c12fa2541)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
BELL-CVE-2025-11679 CVE-2025-11679 does not affect BellSoft software
Bulletin has no description...
SUSE CVE-2025-11679
Out-of-bounds Read in lwsupngemitnextline in warmcat libwebsockets allows, when the LWSWITHUPNG flag is enabled during compilation and the HTML display stack is used, to read past a heap allocated buffer possibly causing a crash, when the user visits an attacker controlled website that contains a...
DEBIAN-CVE-2025-11679
Out-of-bounds Read in lwsupngemitnextline in warmcat libwebsockets allows, when the LWSWITHUPNG flag is enabled during compilation and the HTML display stack is used, to read past a heap allocated buffer possibly causing a crash, when the user visits an attacker controlled website that contains a...
CVE-2025-11679
Out-of-bounds Read in lwsupngemitnextline in warmcat libwebsockets allows, when the LWSWITHUPNG flag is enabled during compilation and the HTML display stack is used, to read past a heap allocated buffer possibly causing a crash, when the user visits an attacker controlled website that contains a...
CVE-2025-11679 Out-of-bounds Read in libwebsockets PNG parsing
Out-of-bounds Read in lwsupngemitnextline in warmcat libwebsockets allows, when the LWSWITHUPNG flag is enabled during compilation and the HTML display stack is used, to read past a heap allocated buffer possibly causing a crash, when the user visits an attacker controlled website that contains a...
CVE-2024-11679
An input validation weakness was reported in the TpmSetup module for some legacy System x server products that could allow a local attacker with elevated privileges to read the contents of memory...
CVE-2024-11679
An input validation weakness was reported in the TpmSetup module for some legacy System x server products that could allow a local attacker with elevated privileges to read the contents of memory...
CVE-2024-11679
An input validation weakness was reported in the TpmSetup module for some legacy System x server products that could allow a local attacker with elevated privileges to read the contents of memory...
CVE-2020-11679
creationtimestamp| type| source ---|---|--- 2024-10-28 14:39:24+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/1227...
CVE-2020-11679
Castel NextGen DVR v1.0.0 is vulnerable to privilege escalation via Adminstrator/Users/Edit/:UserId, where requests aren’t checked for admin authority, enabling a normal user to add roles and gain administrator privileges. The issue is fixed in v1.0.1 per linked disclosures; CVSS data in sources ...
CVE-2018-11679
CVE-2018-11679 affects CmsEasy 6.1_20180508. The connected documents describe a CSRF vulnerability that can add an article via the URL /index.php?case=table&act=add&table=archive&admin_dir=admin. The vulnerability details are consistently stated across sources; no explicit patch version or mitiga...
CVE-2017-11679
Cross-Site Request Forgery CSRF exists in Hashtopus 1.5g via the password parameter to admin.php in an a=config action...
CVE-2017-11679
CVE-2017-11679 describes a CSRF in Hashtopus 1.5g where an attacker can trigger actions via the password parameter to admin.php in an a=config action. The connected records confirm the vulnerability exists in Hashtopus 1.5g and identify the vulnerable parameter and endpoint, but they do not provi...
CVE-2017-11679
Cross-Site Request Forgery CSRF exists in Hashtopus 1.5g via the password parameter to admin.php in an a=config action...