22 matches found

Circl
added 2025/10/17 6:04 a.m. | 5 views

CVE-2025-11899

creationtimestamp | type | source
---|---|---
2025-10-17 06:04:17+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3m3em2ifzr52m...

9.2 CVSS | 4.8 AI score | 0.00128 EPSS
Exploits 0 | References 1

OSV
added 2025/08/14 6:52 p.m. | 1 view

MAL-2025-11899 Malicious code in @zalastax/nolb-hank (npm)

The package @zalastax/nolb-hank was found to contain malicious code...

7.2 AI score
Exploits 0

Circl
added 2025/01/07 3:28 a.m. | 2 views

CVE-2024-11899

creationtimestamp | type | source
---|---|---
2025-01-07 03:28:13+00:00 | seen | https://infosec.exchange/users/cve/statuses/113784946157040510
2025-01-07 03:36:14+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/283
2025-01-07 04:15:30+00:00 | seen |...

6.4 CVSS | 8.7 AI score | 0.00361 EPSS
Exploits 0 | References 4

Vulnrichment
added 2025/01/07 3:21 a.m. | 5 views

CVE-2024-11899 Slider Pro Lite <= 1.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Slider Pro Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sliderpro' shortcode in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4 CVSS | 5.8 AI score | 0.00361 EPSS
Exploits 0 | References 5

Cvelist
added 2025/01/07 3:21 a.m. | 8 views

CVE-2024-11899 Slider Pro Lite <= 1.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Slider Pro Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sliderpro' shortcode in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4 CVSS | 0.00361 EPSS
Exploits 0 | References 5

CVE
added 2025/01/07 3:21 a.m. | 36 views

CVE-2024-11899

CVE-2024-11899 : Slider Pro Lite (WordPress) is vulnerable to Stored Cross-Site Scripting via the plugin shortcode sliderpro in all versions up to and including 1.4.1. Root cause: insufficient input sanitization and output escaping on user-supplied attributes. Impact: authenticated attackers with...

6.4 CVSS | 5.7 AI score | 0.00361 EPSS
Exploits 0 | References 5

Circl
added 2023/06/14 9:10 p.m. | 8 views

CVE-2020-11899

creationtimestamp | type | source
---|---|---
2023-06-14 21:10:04+00:00 | seen | MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123
2024-12-24 20:28:05+00:00 | seen | https://feedsin.space/feed/CISAKevBot/items/2971355
2025-02-23 02:10:26+00:00 | seen | MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123
2026-02-02...

5.4 CVSS | 7 AI score | 0.35272 EPSS
Exploits 1 | References 2

SUSE CVE
added 2023/02/15 3:59 a.m. | 1 view

SUSE CVE-2020-11899

The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read...

5.4 CVSS | 6.8 AI score | 0.35272 EPSS
Exploits 1 | References 3

VulnCheck KEV
added 2022/03/03 12:00 a.m. | 0 views

VulnCheck KEV: CVE-2020-11899

The Treck TCP/IP stack contains an IPv6 out-of-bounds read vulnerability...

5.4 CVSS | 6.9 AI score | 0.35272 EPSS
Exploits 1 | References 1

Tenable Nessus
added 2021/06/30 12:00 a.m. | 665 views

ArubaOS-Switch Ripple20 Multiple Vulnerabilities (ARUBA-PSA-2020-006)

The version of ArubaOS-Switch installed on the remote host is affected by multiple vulnerabilities in the Treck IP stack implementation. The vulnerabilities are collectively known as Ripple20, and can result in remote code execution, denial of service (DoS), and information disclosure by remote,...

10 CVSS | 6.7 AI score | 0.57967 EPSS
Exploits 20 | References 20

Prion
added 2021/01/12 9:15 p.m. | 16 views

Design/Logic Flaw

A vulnerability has been identified in JT2Go All versions V13.1.0.2, Teamcenter Visualization All versions V13.1.0.2. Affected applications lack proper validation of user-supplied data when parsing ASM files. This could lead to pointer dereferences of a value obtained from untrusted source. An...

6.8 CVSS | 8.5 AI score | 0.0101 EPSS
Exploits 0 | References 4 | Affected Software 2

Qualys Blog
added 2020/06/24 11:24 p.m. | 369 views

Ripple20: Multiple Vulnerabilities Identified in Treck TCP/IP Stack

Multiple vulnerabilities that use a low-level TCP/IP software library developed by Treck, Inc. were identified recently in implementations of the Treck IP stack for embedded systems. These vulnerabilities were discovered by the JSOF research lab and have been named Ripple20. Ripple20...

10 CVSS | 1 AI score | 0.57967 EPSS
Exploits 16

CVE
added 2020/06/17 10:27 a.m. | 1201 views

CVE-2020-11899

CVE-2020-11899 refers to the Treck TCP/IP stack before 6.0.1.66, which contains an IPv6 out-of-bounds read vulnerability in its IPv6 handling. Related connected sources confirm the affected component is the Treck IP Stack used in embedded systems; the CVE describes an IPv6 OOB read with low to mo...

5.4 CVSS | 7.2 AI score | 0.35272 EPSS
In wild | Exploits 1 | References 12 | Affected Software 1

OpenVAS
added 2020/06/17 12:00 a.m. | 57 views

Intel Active Management Technology Multiple Vulnerabilities (INTEL-SA-00295)

Multiple vulnerabilities in Intel Active Management Technology (AMT) may allow escalation of privilege, denial of service (DoS) or information disclosure. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respecti...

9.8 CVSS | 6.9 AI score | 0.35272 EPSS
Exploits 2 | References 6

OpenVAS
added 2020/06/17 12:00 a.m. | 34 views

Intel Active Management Technology DoS Vulnerability (INTEL-SA-00295)

Intel Active Management Technology (AMT) is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5 CVSS | 7.4 AI score | 0.35272 EPSS
Exploits 1 | References 6

CVE
added 2019/09/12 6:30 p.m. | 145 views

CVE-2019-11899

CVE-2019-11899 describes an unauthenticated exposure where an attacker can gain unauthorized access to sensitive data by exploiting the Windows SMB protocol on a Bosch Access Professional Edition (APE) 3.8 client installation. The issue affects how client installations are authorized by the APE a...

8.8 CVSS | 7.4 AI score | 0.00272 EPSS
Exploits 0 | References 1 | Affected Software 1

CVE
added 2019/02/11 3:00 p.m. | 48 views

CVE-2018-11899

Technical details are not publicly available in the provided documents for CVE-2018-11899; monitor for updates.

7.8 CVSS | 7.7 AI score | 0.00043 EPSS
Exploits 0 | References 1 | Affected Software 1

OSV
added 2017/12/12 9:29 p.m. | 0 views

CVE-2017-11899

Device Guard in Windows 10 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to the way untrusted files are handled, aka "Microsoft Windows Security Feature Bypass Vulnerability"...

9.8 CVSS | 5.8 AI score | 0.20177 EPSS
Exploits 0 | References 3

CVE
added 2017/12/12 9:00 p.m. | 76 views

CVE-2017-11899

CVE-2017-11899 affects Device Guard in Windows 10 (1511, 1607, 1703, 1709) and Windows Server variants; vulnerability is a security feature bypass caused by how untrusted files are handled. The CNVD entry (CNVD-2018-00778) confirms a Device Guard security bypass due to untrusted file validation. ...

9.8 CVSS | 9.2 AI score | 0.20177 EPSS
Exploits 0 | References 3 | Affected Software 2

Kaspersky
added 2017/12/12 12:00 a.m. | 119 views

KLA11156 Multiple vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities have been found in Microsoft Windows. Malicious user can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions and execute arbitrary code. Below is a complete list of vulnerabilities: 1. An incorrect validating of untrusted fi...

9.8 CVSS | 8.5 AI score | 0.60171 EPSS
Exploits 6 | References 28