23 matches found
CVE-2026-13848
creationtimestamp| type| source ---|---|--- 2026-07-02 01:09:40+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmtv7qztc2y 2026-07-02 07:20:52+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702 2026-07-06 07:16:38+00:00| seen|...
Linux Distros Unpatched Vulnerability : CVE-2026-13848
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Forms in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
DEBIAN-CVE-2026-13848
Use after free in Forms in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2025-13848
creationtimestamp| type| source ---|---|--- 2026-01-07 11:23:10+00:00| seen| https://gist.github.com/Darkcrai86/6906c12cd4151d81dab1529e0e6a6aa0...
EUVD-2021-13848
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-13848
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4StszAtom::GetSampleSize in Core/Ap4StszAtom.cpp. CVE-2018-13848 Note that Nessus relies on the...
CVE-2024-13848
creationtimestamp| type| source ---|---|--- 2025-02-18 05:17:06+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ligj2azvqe2t 2025-02-18 07:56:48+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/4738 2025-02-18 09:16:50+00:00| seen| https://t.me/cvedetector/18280...
CVE-2024-13848
The Reaction Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permission...
CVE-2024-13848 Reaction Buttons <= 2.1.6 - Authenticated (Administrator+) Stored Cross-Site Scripting
The Reaction Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permission...
CVE-2024-13848
The CVE-2024-13848 entry concerns the Reaction Buttons WordPress plugin. It describes a Stored Cross-Site Scripting (XSS) vulnerability exploitable via admin settings, due to insufficient input sanitization and output escaping in versions up to 2.1.6. Exploitation requires administrator-level per...
Advisory ROSA-SA-2021-1898
Software: libupnp 1.6.25 OS: Cobalt 7.9 CVE-ID: CVE-2020-13848 CVE-Crit: HIGH CVE-DESC: Portable UPnP SDK aka libupnp 1.12.1 and earlier allows remote attackers to cause a denial of service failure with a crafted SSDP message due to dereferencing a NULL pointer in the FindServiceControlURLPath an...
[SECURITY] [DLA 2585-1] libupnp security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-2585-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta March 08, 2021 https://wiki.debian.org/LTS -...
FreeBSD : upnp -- denial of service (crash) (a23871f6-059b-11eb-8758-e0d55e2a8bf9)
CVE mitre reports : Portable UPnP SDK aka libupnp 1.12.1 and earlier allows remote attackers to cause a denial of service crash via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/servicetable/servicetable.c...
openSUSE Security Update : libupnp (openSUSE-2020-805)
This update for libupnp fixes the following issues : - CVE-2020-13848: A NULL ptr denial of service via crafted SSDP message was fixed boo1172625 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2020-805...
openSUSE: Security Advisory for libupnp (openSUSE-SU-2020:0805-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2020:0821-1 Security update for libupnp
This update for libupnp fixes the following issues: - CVE-2020-13848: A NULL ptr denial of service via crafted SSDP message was fixed boo1172625 This update was imported from the openSUSE:Leap:15.1:Update update project...
Security update for libupnp (moderate)
openSUSE Security Update: Security update for libupnp Announcement ID: openSUSE-SU-2020:0821-1 Rating: moderate References: 1172625 Cross-References: CVE-2020-13848 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This update f...
OPENSUSE-SU-2020:0805-1 Security update for libupnp
This update for libupnp fixes the following issues: - CVE-2020-13848: A NULL ptr denial of service via crafted SSDP message was fixed boo1172625...
lipupnp <= 1.12.1 DoS Vulnerability
libupnp is prone to a denial of service DoS vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...
CVE-2020-13848
CVE-2020-13848 affects Portable UPnP SDK (libupnp) 1.12.1 and earlier. The vulnerability is a NULL pointer dereference in FindServiceControlURLPath and FindServiceEventURLPath inside genlib/service_table/service_table.c, exploitable via crafted SSDP messages to cause a denial of service (crash). ...