CVE-2019-11838

njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.splice after a resize, related to njsarrayprototypesplice in njs/njsarray.c, because of njsarrayexpand size mishandling...

CVE-2025-11838

creationtimestamp| type| source ---|---|--- 2025-12-04 22:08:05+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115663574444372667...

CVE-2018-11838

Possible double free issue in WLAN due to lack of checking memory free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, MDM9640, SDA660,...

CVE-2024-11838

External Control of File Name or Path vulnerability in PlexTrac allows Local Code Inclusion through use of an undocumented API endpoint.This issue affects PlexTrac: from 1.61.3 before 2.8.1...

CVE-2024-11838

creationtimestamp| type| source ---|---|--- 2024-12-13 06:08:50+00:00| seen| https://infosec.exchange/users/cve/statuses/113644020044060376 2024-12-13 08:14:24+00:00| seen| https://t.me/cvedetector/12828...

CVE-2024-11838 Local File Inclusion

External Control of File Name or Path vulnerability in PlexTrac allows Local Code Inclusion through use of an undocumented API endpoint.This issue affects PlexTrac: from 1.61.3 before 2.8.1...

CVE-2024-11838 Local File Inclusion

External Control of File Name or Path vulnerability in PlexTrac allows Local Code Inclusion through use of an undocumented API endpoint.This issue affects PlexTrac: from 1.61.3 before 2.8.1...

CVE-2024-11838

The CVE is confirmed for PlexTrac: external control of a file name or path enabling Local Code Inclusion via an undocumented API endpoint. Affected versions are 1.61.3 through 2.8.1. The underlying issue is an external control vulnerability allowing file path manipulation, leading to local code i...

CVE-2020-11838

Cross Site Scripting XSS vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting XSS or information disclosure...

CVE-2020-11838

Cross Site Scripting XSS vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting XSS or information disclosure...

CVE-2020-11838

CVE-2020-11838 is a Cross-Site Scripting (XSS) vulnerability in Micro Focus ArcSight Management Center. Affected versions are 2.6.1, 2.7.x, 2.8.x, and 2.9.x prior to 2.9.4. The vulnerability arises from lack of proper validation of client-side data in the web application, allowing remote exploita...

NGINX NJS Heap-Based Buffer Overflow (CVE-2019-11838)

A buffer overflow vulnerability exists in NGINX NJS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

CVE-2018-11838

creationtimestamp| type| source ---|---|--- 2020-03-05 14:07:15+00:00| seen| https://t.me/cibsecurity/10312...

CVE-2018-11838

Possible double free issue in WLAN due to lack of checking memory free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, MDM9640, SDA660,...

CVE-2018-11838

Possible double free issue in WLAN due to lack of checking memory free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, MDM9640, SDA660,...

CVE-2018-11838

CVE-2018-11838 describes a possible double-free in the WLAN stack due to insufficient memory-free-condition checking in Qualcomm Snapdragon platforms, affecting Qualcomm WLAN components across Snapdragon families (e.g., APQ8053, MDM9640, SDA660, SDM636/660/SDX20) and various Snapdragon product li...

CVE-2019-11838

CVE-2019-11838 concerns njs (used in NGINX) up to version 0.3.1, with a heap-based buffer overflow in Array.prototype.splice after a resize. The root cause is reported as mishandling the size in njs_array_expand, affecting njs_array_prototype_splice in njs/njs_array.c. Documents consistently desc...

CVE-2019-11838

njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.splice after a resize, related to njsarrayprototypesplice in njs/njsarray.c, because of njsarrayexpand size mishandling...

Memory corruption

ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique fr...

Memory corruption

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current...