25 matches found
CVE-2026-11687 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-11687 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-11687
An use after free flaw was found in the Dawn component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517303276...
Linux Distros Unpatched Vulnerability : CVE-2026-11687
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Dawn in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2026-11687
Summary: CVE-2026-11687 is a use-after-free in Dawn within Google Chrome for Mac, leading to potential heap corruption via a crafted HTML page. The underlying issue is a use-after-free in Dawn, with impact described as a remote attacker able to cause high-severity outcomes (confidentiality, integ...
CVE-2026-11687
Use after free in Dawn in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Security update for python-gi-docgen (moderate)
openSUSE security update: security update for python-gi-docgen ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20497-1 Rating: moderate References: bsc1251961 Cross-References: CVE-2025-11687 CVSS scores: CVE-2025-11687 SUSE : 5.8...
OPENSUSE-SU-2026:20497-1 Security update for python-gi-docgen
This update for python-gi-docgen fixes the following issues: - CVE-2025-11687: Fixed reflected DOM XSS bsc1251961...
DEBIAN-CVE-2025-11687
A flaw was found in the gi-docgen. This vulnerability allows arbitrary JavaScript execution in the context of the page — enabling DOM access, session cookie theft and other client-side attacks — via a crafted URL that supplies a malicious value to the q GET parameter reflected DOM XSS...
CVE-2025-11687
A flaw was found in the gi-docgen. This vulnerability allows arbitrary JavaScript execution in the context of the page — enabling DOM access, session cookie theft and other client-side attacks — via a crafted URL that supplies a malicious value to the q GET parameter reflected DOM XSS...
Fedora: Security Advisory (FEDORA-2025-b4184a589e)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 41 : gi-docgen (2025-52dc5ac7d9)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-52dc5ac7d9 advisory. gi-docgen 2025.5 - 2025-10-11 This is a security fix for CVE-2025-11687. The severity of this issue depends on what else is hosted on the same domain as the...
CVE-2018-11687
creationtimestamp| type| source ---|---|--- 2025-06-26 21:02:22+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lsjzkcotya2j 2026-06-19 12:53:13+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/dd3cf363-89d0-4fb9-8bfc-555544669ac4...
CVE-2024-11687
The Next-Cart Store to WooCommerce Migration plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 3.9.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...
CVE-2024-11687
The Next-Cart Store to WooCommerce Migration plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 3.9.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...
CVE-2024-11687 Next-Cart Store to WooCommerce Migration <= 3.9.2 - Reflected Cross-Site Scripting
The Next-Cart Store to WooCommerce Migration plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 3.9.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers t...
CVE-2020-11687
In JetBrains TeamCity before 2019.2.2, password values were shown in an unmasked format on several pages...
CVE-2020-11687
CVE-2020-11687: JetBrains TeamCity pre-2019.2.2 disclosed passwords on several pages due to unmasked password values. Root cause: passwords not masked in UI. Impact: potential information disclosure of passwords. Mitigation: upgrade to TeamCity 2019.2.2 or later (per JetBrains security bulletin l...
CVE-2020-11687
In JetBrains TeamCity before 2019.2.2, password values were shown in an unmasked format on several pages...
CVE-2018-11687
CVE-2018-11687 concerns Bitcoin Red (BTCR) ERC20 smart contracts. The issue is an integer overflow in the contract’s distributeBTR function, enabling the owner to unethically increase their balance by deploying a large address[] array. Descriptions in multiple sources confirm the vulnerability in...