27 matches found
DEBIAN-CVE-2025-11936
Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cause a denial-of-service by sending a crafted ClientHello message containing duplicate KeyShareEntry values for the same supported group, leading to...
CVE-2025-11936
Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cause a denial-of-service by sending a crafted ClientHello message containing duplicate KeyShareEntry values for the same supported group, leading to...
CVE-2025-11936 Potential DoS Vulnerability through Multiple KeyShareEntry with Same Group in TLS 1.3 ClientHello
Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cause a denial-of-service by sending a crafted ClientHello message containing duplicate KeyShareEntry values for the same supported group, leading to...
CVE-2025-11936
Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cause a denial-of-service by sending a crafted ClientHello message containing duplicate KeyShareEntry values for the same supported group, leading to...
CVE-2025-11936
Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cause a denial-of-service by sending a crafted ClientHello message containing duplicate KeyShareEntry values for the same supported group, leading to...
Linux Distros Unpatched Vulnerability : CVE-2019-11936
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Various APC functions accept keys containing null bytes as input, leading to premature truncation of input. This issue affects HHVM versions prior to 3.30.12, a...
CVE-2020-11936
gdbus setgid privilege escalation...
CVE-2018-11936
Index of array is processed in a wrong way inside a while loop and result in invalid index -1 or something else leads to out of bound memory access. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...
CVE-2019-11936
Various APC functions accept keys containing null bytes as input, leading to premature truncation of input. This issue affects HHVM versions prior to 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.28.0, and 4.28.1...
CVE-2020-11936
creationtimestamp| type| source ---|---|--- 2025-01-31 01:32:52+00:00| seen| https://infosec.exchange/users/cve/statuses/113920388095631721 2025-01-31 02:15:44+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgywjexqet27 2025-01-31 03:21:56+00:00| seen|...
CVE-2020-11936
gdbus setgid privilege escalation...
CVE-2020-11936
gdbus setgid privilege escalation...
CVE-2024-11936
creationtimestamp| type| source ---|---|--- 2025-01-26 11:16:07+00:00| seen| https://infosec.exchange/users/cve/statuses/113894370004265885 2025-01-26 12:15:53+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgnfpw4ybh2h 2025-01-26 13:06:17+00:00| seen|...
CVE-2024-11936 Zox News <= 3.16.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update
The Zox News theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'backupoptions' and 'restoreoptions' function in all versions up to, and including, 3.16.0. This makes it possible for authenticated...
CVE-2024-11936
CVE-2024-11936 (Zox News, WordPress) : The Zox News theme (versions
CVE-2019-11936
creationtimestamp| type| source ---|---|--- 2024-03-07 11:06:52+00:00| seen| https://t.me/ctinow/202292...
USN-4449-1: Apport vulnerabilities
Ryota Shiga working with Trend Micro´s Zero Day Initiative, discovered that Apport incorrectly dropped privileges when making certain D-Bus calls. A local attacker could use this issue to read arbitrary files. CVE-2020-11936 Seong-Joong Kim discovered that Apport incorrectly parsed configuration...
UBUNTU-CVE-2019-11936
Various APC functions accept keys containing null bytes as input, leading to premature truncation of input. This issue affects HHVM versions prior to 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.28.0, and 4.28.1...
CVE-2019-11936
Various APC functions accept keys containing null bytes as input, leading to premature truncation of input. This issue affects HHVM versions prior to 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.28.0, and 4.28.1...
CVE-2019-11936
CVE-2019-11936 affects HHVM: various APC functions accept keys containing null bytes, causing input truncation. Affected versions include HHVM before 3.30.12, 4.0.0–4.8.5, 4.9.0–4.23.1, and 4.24.0–4.28.1. The Connected documents corroborate the same affected version ranges and input-truncation be...