Lucene search
K

20 matches found

Wolfi
Wolfi
added 4 days ago3 views

CVE-2026-11679 vulnerabilities

Vulnerabilities for packages: chromium...

8.3CVSS5.8AI score0.00179EPSS
Exploits0
OSV
OSV
added 2026/06/09 12:16 a.m.8 views

DEBIAN-CVE-2026-11679

Use after free in Codecs in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00179EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-11679

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Codecs in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially...

8.3CVSS5.5AI score0.00179EPSS
Exploits0References2
CVE
CVE
added 2026/06/08 11:27 p.m.25 views

CVE-2026-11679

CVE-2026-11679 : Use-after-free in Codecs within Google Chrome on Windows, fixed in the 149.0.7827.103 (and later) update. The vulnerability could allow a remote attacker who has compromised the renderer process to perform a sandbox escape via a crafted HTML page. Affected product is Google Chrom...

8.3CVSS5.5AI score0.00179EPSS
Exploits0References2Affected Software1
Circl
Circl
added 2026/06/08 6:0 p.m.9 views

CVE-2026-11679

creationtimestamp| type| source ---|---|--- 2026-06-08 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260609 2026-06-09 09:01:06+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnttiyjrjy2s 2026-06-15 18:00:00+00:00|...

8.3CVSS4.9AI score0.00179EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2025/12/10 12:0 a.m.3 views

Fedora: Security Advisory (FEDORA-2025-0c12fa2541)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.00369EPSS
Exploits0References14
OSV
OSV
added 2025/10/23 6:6 a.m.3 views

BELL-CVE-2025-11679 CVE-2025-11679 does not affect BellSoft software

Bulletin has no description...

5.9CVSS5.8AI score0.00356EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/10/20 11:40 p.m.3 views

SUSE CVE-2025-11679

Out-of-bounds Read in lwsupngemitnextline in warmcat libwebsockets allows, when the LWSWITHUPNG flag is enabled during compilation and the HTML display stack is used, to read past a heap allocated buffer possibly causing a crash, when the user visits an attacker controlled website that contains a...

5.9CVSS6.9AI score0.00356EPSS
Exploits0References3
OSV
OSV
added 2025/10/20 2:15 p.m.1 views

DEBIAN-CVE-2025-11679

Out-of-bounds Read in lwsupngemitnextline in warmcat libwebsockets allows, when the LWSWITHUPNG flag is enabled during compilation and the HTML display stack is used, to read past a heap allocated buffer possibly causing a crash, when the user visits an attacker controlled website that contains a...

5.9CVSS6.8AI score0.00356EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2025/10/20 2:15 p.m.3 views

CVE-2025-11679

Out-of-bounds Read in lwsupngemitnextline in warmcat libwebsockets allows, when the LWSWITHUPNG flag is enabled during compilation and the HTML display stack is used, to read past a heap allocated buffer possibly causing a crash, when the user visits an attacker controlled website that contains a...

5.9CVSS6AI score0.00356EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/20 1:58 p.m.1 views

CVE-2025-11679 Out-of-bounds Read in libwebsockets PNG parsing

Out-of-bounds Read in lwsupngemitnextline in warmcat libwebsockets allows, when the LWSWITHUPNG flag is enabled during compilation and the HTML display stack is used, to read past a heap allocated buffer possibly causing a crash, when the user visits an attacker controlled website that contains a...

5.9CVSS6.5AI score0.00356EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/13 6:56 p.m.26 views

CVE-2024-11679

An input validation weakness was reported in the TpmSetup module for some legacy System x server products that could allow a local attacker with elevated privileges to read the contents of memory...

6.7CVSS6.5AI score0.00144EPSS
Exploits0References1
NVD
NVD
added 2025/04/11 7:15 p.m.39 views

CVE-2024-11679

An input validation weakness was reported in the TpmSetup module for some legacy System x server products that could allow a local attacker with elevated privileges to read the contents of memory...

6.7CVSS0.00144EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/11 6:21 p.m.20 views

CVE-2024-11679

An input validation weakness was reported in the TpmSetup module for some legacy System x server products that could allow a local attacker with elevated privileges to read the contents of memory...

6.7CVSS4.5AI score0.00144EPSS
Exploits0References1
Circl
Circl
added 2024/10/28 2:39 p.m.4 views

CVE-2020-11679

creationtimestamp| type| source ---|---|--- 2024-10-28 14:39:24+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/1227...

8.8CVSS8.1AI score0.02018EPSS
Exploits3References1
CVE
CVE
added 2020/06/04 6:31 p.m.61 views

CVE-2020-11679

Castel NextGen DVR v1.0.0 is vulnerable to privilege escalation via Adminstrator/Users/Edit/:UserId, where requests aren’t checked for admin authority, enabling a normal user to add roles and gain administrator privileges. The issue is fixed in v1.0.1 per linked disclosures; CVSS data in sources ...

8.8CVSS8.9AI score0.02018EPSS
Exploits3References3Affected Software1
CVE
CVE
added 2018/06/02 12:0 p.m.45 views

CVE-2018-11679

CVE-2018-11679 affects CmsEasy 6.1_20180508. The connected documents describe a CSRF vulnerability that can add an article via the URL /index.php?case=table&act=add&table=archive&admin_dir=admin. The vulnerability details are consistently stated across sources; no explicit patch version or mitiga...

8.8CVSS8.6AI score0.00538EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2017/07/27 6:29 a.m.4 views

CVE-2017-11679

Cross-Site Request Forgery CSRF exists in Hashtopus 1.5g via the password parameter to admin.php in an a=config action...

8.8CVSS5.8AI score0.00683EPSS
Exploits1References2
CVE
CVE
added 2017/07/27 6:0 a.m.47 views

CVE-2017-11679

CVE-2017-11679 describes a CSRF in Hashtopus 1.5g where an attacker can trigger actions via the password parameter to admin.php in an a=config action. The connected records confirm the vulnerability exists in Hashtopus 1.5g and identify the vulnerable parameter and endpoint, but they do not provi...

8.8CVSS8.8AI score0.00683EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2017/07/27 6:0 a.m.24 views

CVE-2017-11679

Cross-Site Request Forgery CSRF exists in Hashtopus 1.5g via the password parameter to admin.php in an a=config action...

8.9AI score0.00683EPSS
Exploits1References2
Rows per page
Query Builder