23 matches found
CVE-2026-13818 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2026-13818
creationtimestamp| type| source ---|---|--- 2026-07-02 07:19:43+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702 2026-07-06 07:15:44+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260706...
Linux Distros Unpatched Vulnerability : CVE-2026-13818
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML...
CVE-2026-13818
Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...
CVE-2026-13818
CVE-2026-13818 affects Google Chrome’s Passwords feature. The issue is an inappropriate implementation that allowed a remote attacker to bypass navigation restrictions via a crafted HTML page in Chrome versions prior to 150.0.7871.47. Impact is a navigation bypass; no exploits are detailed in the...
CVE-2026-13818
Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...
CVE-2025-13818
Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent...
CVE-2025-13818
creationtimestamp| type| source ---|---|--- 2026-02-06 13:50:07+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3me72cltzy52l...
CVE-2024-13818
creationtimestamp| type| source ---|---|--- 2025-02-21 04:19:52+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/4850 2025-02-21 07:14:49+00:00| seen| https://t.me/cvedetector/18632...
CVE-2024-13818 Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction <= 3.8.4 - Sensitive Information Exposure via Log Files
The Registration Forms – User Registration Forms, Invitation-Based Registrations, Front-end User Profile, Login Form & Content Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.8.4 through publicly exposed log files. This make...
Nginx Source Code Disclosure/Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nginx Source Code Disclosure/Download', 'Description' = %q This module exploits a source code disclosure/download vulnerability in versions 0.7 a...
Design/Logic Flaw
This vulnerability allows local attackers to disclose sensitive information on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TeamViewer...
CVE-2021-35005
CVE-2021-35005 relates to TeamViewer and is supported across multiple sources (NVD, Red Hat, ZDI, CNVD, etc.). The concrete technical detail: a local information-disclosure flaw in the TeamViewer service caused by improper validation of user-supplied data, leading to a read past the end of an all...
Zoho ManageEngine Directory Traversal (CVE-2020-13818)
A directory traversal vulnerability exists in ManageEngine OpManager. This vulnerability is due to improper validation of user input in the request URI...
CVE-2020-13818
In Zoho ManageEngine OpManager before 125144, when is used, directory traversal validation can be bypassed...
CVE-2020-13818
In Zoho ManageEngine OpManager before 125144, when is used, directory traversal validation can be bypassed...
CVE-2020-13818
Zoho ManageEngine OpManager is affected by CVE-2020-13818. A directory traversal vulnerability arises from improper validation of user input in the request URI, allowing remote attackers to disclose files. The issue is tied to the OpmSkipFilter component, and exploitation does not require authent...
CVE-2018-13818
Twig before 2.4.4 allows Server-Side Template Injection SSTI via the search searchkey parameter. NOTE: the vendor points out that Twig itself is not a web application and states that it is the responsibility of web applications using Twig to properly wrap input to it...
CVE-2018-13818
Twig before 2.4.4 allows Server-Side Template Injection SSTI via the search searchkey parameter. NOTE: the vendor points out that Twig itself is not a web application and states that it is the responsibility of web applications using Twig to properly wrap input to it...
CVE-2018-13818
Twig before 2.4.4 allows Server-Side Template Injection SSTI via the search searchkey parameter. NOTE: the vendor points out that Twig itself is not a web application and states that it is the responsibility of web applications using Twig to properly wrap input to it...