23 matches found
CVE-2019-11869
creationtimestamp| type| source ---|---|--- 2025-02-25 21:02:04+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lizr4fc3wn25...
CVE-2024-11869
The Buk for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'buk' shortcode in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-11869
creationtimestamp| type| source ---|---|--- 2024-12-14 05:03:39+00:00| seen| https://infosec.exchange/users/cve/statuses/113649426041281230 2024-12-14 06:49:53+00:00| seen| https://t.me/cvedetector/12927...
CVE-2024-11869 Buk for WordPress <= 1.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Buk for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'buk' shortcode in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-11869 Buk for WordPress <= 1.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Buk for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'buk' shortcode in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2024-11869
CVE-2024-11869 – Buk for WordPress (WordPress plugin) : Stored XSS via the plugin’s buk shortcode in all versions up to 1.0.7, caused by insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires authenticated access (contributor level or higher); scrip...
CVE-2020-11869 affecting package qemu-kvm 4.2.0-48
CVE-2020-11869 affecting package qemu-kvm 4.2.0-48. A patched version of the package is available...
Ubuntu: Security Advisory (USN-4372-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4372-1: QEMU vulnerabilities
It was discovered that QEMU incorrectly handled bochs-display devices. A local attacker in a guest could use this to cause a denial of service or possibly execute arbitrary code in the host. This issue only affected Ubuntu 19.10. CVE-2019-15034 It was discovered that QEMU incorrectly handled memo...
BELL-CVE-2020-11869 CVE-2020-11869 does not affect BellSoft software
Bulletin has no description...
CVE-2020-11869
CVE-2020-11869 : In QEMU versions 4.0.1–4.2.0, an integer overflow in ATI VGA emulation can crash the QEMU process (DoS) due to a flaw in ati_2d_blt() when handling MMIO writes via the ati_mm_write() callback in hw/display/ati-2d.c. The vulnerability is triggered through the ATI VGA display path ...
CVE-2019-11869
The CVE-2019-11869 entry concerns the WordPress Yuzo Related Posts plugin before 5.12.94. A cross-site scripting (XSS) flaw arises because the plugin relies on is_admin() to verify the request origin, but that check only confirms the request targets an admin page, not that it comes from an admin ...
VulnCheck KEV: CVE-2017-11869
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current...
CVE-2018-11869
In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to buffer overflow in WMA handler...
CVE-2018-11869
CVE-2018-11869 affects Android-family releases used on CAF/Linux kernels. The issue is a lack of length validation for a value received from firmware, which can cause a buffer overflow in the WMA handler . The vulnerability is described as local with potential complete impact on confidentiality, ...
Memory corruption
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an...
Memory corruption
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an...
Memory corruption
ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from...
Memory corruption
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an...
Memory corruption
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to take control of an affected system, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID ...