18 matches found
CVE-2026-12018 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-12018 vulnerabilities
Vulnerabilities for packages: chromium...
Chromium: CVE-2026-12018 Inappropriate implementation Mojo
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
chromedriver-149.0.7827.114-1.1 on GA media (moderate)
chromedriver-149.0.7827.114-1.1 on GA media Announcement ID: openSUSE-SU-2026:11029-1 Rating: moderate Cross-References: CVE-2026-12007 CVE-2026-12008 CVE-2026-12009 CVE-2026-12010 CVE-2026-12011 CVE-2026-12012 CVE-2026-12013 CVE-2026-12014 CVE-2026-12015 CVE-2026-12016 CVE-2026-12017...
Linux Distros Unpatched Vulnerability : CVE-2026-12018
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Mojo in Google Chrome on Windows prior to 149.0.7827.115 allowed a local attacker to perform OS-level privilege escalation via a...
CVE-2026-12018
Inappropriate implementation in Mojo in Google Chrome on Windows prior to 149.0.7827.115 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...
CVE-2026-12018
Inappropriate implementation in Mojo in Google Chrome on Windows prior to 149.0.7827.115 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...
CVE-2026-12018
creationtimestamp| type| source ---|---|--- 2026-06-11 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260612 2026-06-12 08:02:00+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mo3bm3qe232i 2026-06-15 18:00:00+00:00|...
CVE-2025-12018
creationtimestamp| type| source ---|---|--- 2025-11-12 08:52:06+00:00| seen| https://gist.github.com/Darkcrai86/7489d8d2fb925030a27fe63f005cd5e5...
CVE-2024-12018
creationtimestamp| type| source ---|---|--- 2024-12-12 05:57:21+00:00| seen| https://infosec.exchange/users/cve/statuses/113638312546521031 2024-12-12 07:58:36+00:00| seen| https://t.me/cvedetector/12735...
CVE-2024-12018 Snippet Shortcodes <= 4.1.6 - Authenticated (Subscriber+) Shortcode Deletion
The Snippet Shortcodes plugin for WordPress is vulnerable to unauthorized Shortcode Deletion due to missing authorization in all versions up to, and including, 4.1.6. Note that a nonce is used as authentication here, but the value is leaked. This makes it possible for authenticated attackers, wit...
CVE-2020-27000
A vulnerability has been identified in JT2Go All versions V13.1.0.1, Teamcenter Visualization All versions V13.1.0.1. Affected applications lack proper validation of user-supplied data when parsing BMP files. This can result in a memory corruption condition. An attacker could leverage this...
Memory corruption
A vulnerability has been identified in JT2Go All versions V13.1.0.1, Teamcenter Visualization All versions V13.1.0.1. Affected applications lack proper validation of user-supplied data when parsing BMP files. This can result in a memory corruption condition. An attacker could leverage this...
CVE-2020-27000
A vulnerability has been identified in JT2Go All versions V13.1.0.1, Teamcenter Visualization All versions V13.1.0.1. Affected applications lack proper validation of user-supplied data when parsing BMP files. This can result in a memory corruption condition. An attacker could leverage this...
CVE-2019-12018
...
CVE-2020-12018
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An out-of-bounds vulnerability exists that may allow access to unauthorized data...
CVE-2020-12018
Advantech WebAccess Node (HMI platform) is affected by CVE-2020-12018 via an out-of-bounds read in IOCTL handling of ViewSrv.dll/DrawSrv.dll, exposing unauthorized data. Affected versions are WebAccess Node 8.4.4 and prior, and 9.0.0. The vulnerability enables information disclosure without authe...
CVE-2018-12018
CVE-2018-12018 affects Go Ethereum (geth) LES GetBlockHeadersMsg handling prior to v1.8.11. An integer signedness error for the array index allows a crafted query with Skip = -1 to crash a remote node (EPoD). The vulnerability occurs when the server validates the requested headers after skipping ...