Lucene search
K

17 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-11853

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Debian source packages .dsc and upload artifacts .changes are...

6.5CVSS5.7AI score0.00269EPSS
Exploits0References3
Circl
Circl
added 2026/06/10 11:7 a.m.9 views

CVE-2026-11853

creationtimestamp| type| source ---|---|--- 2026-06-10 11:07:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnwkznj3r72m...

6.5CVSS5.3AI score0.00269EPSS
Exploits0References1
OSV
OSV
added 2026/06/10 10:16 a.m.6 views

DEBIAN-CVE-2026-11853

Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Debian source packages .dsc and upload artifacts .changes are manifest files that name the files that make up the artifact. The parser used to read these files in Debusine accepted arbitrary fully...

6.5CVSS5.7AI score0.00269EPSS
Exploits0References1
CVE
CVE
added 2024/12/03 7:34 a.m.47 views

CVE-2024-11853

CVE-2024-11853: The jAlbum Bridge plugin for WordPress (versions up to and including 2.0.15) is vulnerable to Stored Cross-Site Scripting via the ar parameter. An authenticated attacker with Contributor-level access can inject scripts that execute in pages viewed by users. A patch/upgrade to a ve...

6.4CVSS7.4AI score0.00325EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/12/03 7:34 a.m.15 views

CVE-2024-11853 jAlbum Bridge <= 2.0.16 - Authenticated (Contributor+) Stored Cross-Site Scripting via ar Parameter

The jAlbum Bridge plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ar’ parameter in all versions up to, and including, 2.0.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...

6.4CVSS0.00325EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2024/12/03 7:34 a.m.6 views

CVE-2024-11853 jAlbum Bridge <= 2.0.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via ar Parameter

The jAlbum Bridge plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ar’ parameter in all versions up to, and including, 2.0.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...

6.4CVSS5.9AI score0.00325EPSS
Exploits0References4
Check Point Advisories
Check Point Advisories
added 2021/02/15 12:0 a.m.4 views

Micro Focus UCMDB Remote Code Execution (CVE-2020-11854; CVE-2020-11853)

A remote code execution vulnerability exists in Micro Focus UCMDB. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

10CVSS5.4AI score0.7699EPSS
Exploits6
Rapid7 Blog
Rapid7 Blog
added 2021/01/29 9:9 p.m.936 views

Metasploit Wrap-Up

MobileIron MDM Hessian-Based Java Deserialization RCE Our very own wvu-r7 has added exploits/linux/http/mobileironmdmhessianrce, which exploits an ACL bypass in MobileIron MDM products to execute a Java deserialization attack using a Groovy gadget against a Hessian based endpoint. CVE-2020-15505...

10CVSS1.1AI score0.99737EPSS
Exploits39
0day.today
0day.today
added 2021/01/28 12:0 a.m.96 views

Micro Focus UCMDB Remote Code Execution Exploit

This Metasploit module exploits two vulnerabilities, that when chained allow an attacker to achieve unauthenticated remote code execution in Micro Focus UCMDB. UCMDB included in versions 2020.05 and below of Operations Bridge Manager are affected, but this module can probably also be used to...

9.8CVSS9AI score0.7699EPSS
Exploits6
Circl
Circl
added 2021/01/27 3:7 p.m.7 views

CVE-2020-11853

creationtimestamp| type| source ---|---|--- 2021-01-27 15:07:52+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/microfocusucmdbunauthdeser.rb 2021-02-09 17:33:51+00:00| seen|...

8.8CVSS8AI score0.7699EPSS
Exploits6References3
CVE
CVE
added 2020/10/22 8:37 p.m.164 views

CVE-2020-11853

Micro Focus Operations Bridge Manager and related components (including UCMDB, Data Center Automation, Application Performance Management, Universal CMDB, Hybrid Cloud Management, Service Management Automation) are affected by CVE-2020-11853. The connected sources describe a remote code execution...

8.8CVSS9AI score0.7699EPSS
Exploits6References9Affected Software2
NVD
NVD
added 2020/08/21 7:15 p.m.18 views

CVE-2019-11853

Several potential command injections vulnerabilities exist in the AT command interface of ALEOS before 4.11.0, and 4.9.4...

7.2CVSS5.6AI score0.01249EPSS
Exploits0References1
CVE
CVE
added 2020/08/21 6:52 p.m.56 views

CVE-2019-11853

ALEOS AT command interface exposes several potential command injection vulnerabilities in versions prior to 4.11.0 and 4.9.4. Connected CNVD/NVD entries confirm the issue affects ALEOS and reference affected versions; no additional exploitation details are provided in the sources. Remediation gui...

7.2CVSS6AI score0.01249EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/10/26 1:0 p.m.24 views

CVE-2018-11853

Lack of check on out of range for channels When processing channel list set command will lead to buffer flow in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660, SDM429,...

8AI score0.0024EPSS
Exploits0References2
CVE
CVE
added 2018/10/26 1:0 p.m.49 views

CVE-2018-11853

CVE-2018-11853 affects Qualcomm Snapdragon/SoCs (e.g., IPQ8074, MDM9xxx, SD 4xx–8xx) where processing a channel list set command lacks an out-of-range check, causing a buffer overflow in the channel processing path. This is a local-attack, low-precision vector with potential impact on confidentia...

7.8CVSS7.9AI score0.0024EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/11/15 3:0 a.m.91 views

CVE-2017-11853

Technical details for CVE-2017-11853 (affected Windows kernel versions, root cause, impact, and fixes) are not publicly provided in the connected documents. Monitor for updates from official advisories (MSRC) and regional databases.

5.5CVSS5.2AI score0.10975EPSS
Exploits0References3Affected Software7
Tenable Nessus
Tenable Nessus
added 2009/09/24 12:0 a.m.27 views

SuSE9 Security Update : Tk (YOU Patch Number 11853)

This update fixes a buffer overflow that occurs while processing interlaced/animatedGIF images. CVE-2007-4851 This bug could be used to execute code remotely. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc...

6.8CVSS5.9AI score0.04855EPSS
Exploits0References2
Rows per page
Query Builder