Lucene search
+L

23 matches found

Microsoft CVE
Microsoft CVE
added 2026/07/03 2:0 p.m.5 views

Chromium: CVE-2026-13896 Insufficient policy enforcement in Glic

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.9AI score0.00242EPSS
Exploits0
Circl
Circl
added 2026/07/02 7:45 a.m.10 views

CVE-2026-13896

creationtimestamp| type| source ---|---|--- 2026-07-02 07:45:02+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702 2026-07-06 07:18:14+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260706...

6.5CVSS5.9AI score0.00242EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.7 views

CVE-2026-13896

Insufficient policy enforcement in Glic in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00242EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:38 p.m.22 views

CVE-2026-13896

The connected sources confirm CVE-2026-13896 affects Google Chrome (Chromium-based) with insufficient policy enforcement in “Glic” prior to version 150.0.7871.47, enabling a remote attacker to bypass navigation restrictions via a crafted HTML page. The impact is described as medium. The vulnerabi...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.7 views

RHEL 6 : sudo (RHSA-2026:13896)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:13896 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...

7.8CVSS6AI score0.00173EPSS
Exploits0References4
Circl
Circl
added 2025/12/06 9:34 a.m.4 views

CVE-2025-13896

creationtimestamp| type| source ---|---|--- 2025-12-06 09:34:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m7cp57v2ea2q...

6.4CVSS5.8AI score0.00201EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/06 5:49 a.m.28 views

CVE-2025-13896 Social Feed Gallery Portfolio <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute

The Social Feed Gallery Portfolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the igp-wp shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

6.4CVSS0.00201EPSS
Exploits0References5
Patchstack
Patchstack
added 2025/12/06 1:47 a.m.9 views

WordPress Social Feed Gallery Portfolio plugin <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Social Feed Gallery Portfolio versions = 1.3...

6.4CVSS5.6AI score0.00201EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 4:18 p.m.14 views

CVE-2020-13896

The web interface of Maipu MP1800X-50 7.5.3.14R devices allows remote attackers to obtain sensitive information via the form/formDeviceVerGet URI, such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation time, and system uptime...

7.5CVSS7.6AI score0.99876EPSS
Exploits20
RedhatCVE
RedhatCVE
added 2025/05/22 3:9 a.m.9 views

CVE-2018-13896

XBLSEC image authentication and other crypto related validations are accessible to a compromised OEM XBL Loader due to missing lock at XBLSEC stage.. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...

7.8CVSS7.2AI score0.0021EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/04/10 2:10 p.m.11 views

WordPress WP-GeSHi-Highlight plugin <= 1.4.3 - Author+ ReDoS vulnerability

Author+ ReDoS vulnerability discovered by Pierre Rudloff in WordPress Plugin WP-GeSHi-Highlight versions = 1.4.3...

6.5CVSS8.9AI score0.00432EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/04/10 7:15 a.m.5 views

CVE-2024-13896

The WP-GeSHi-Highlight — rock-solid syntax highlighting for 259 languages WordPress plugin through 1.4.3 processes user-supplied input as a regular expression via the wpgeshifilterreplacecode function, which could lead to Regular Expression Denial of Service ReDoS issue...

6.5CVSS5.8AI score0.00432EPSS
Exploits1References1
Circl
Circl
added 2025/04/10 6:48 a.m.10 views

CVE-2024-13896

creationtimestamp| type| source ---|---|--- 2025-04-10 06:48:35+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11195 2025-04-10 09:32:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmh73todsg2r...

6.5CVSS8.7AI score0.00432EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/04/10 6:0 a.m.10 views

CVE-2024-13896 WP-GeSHi-Highlight <= 1.4.3 - Author+ ReDoS

The WP-GeSHi-Highlight — rock-solid syntax highlighting for 259 languages WordPress plugin through 1.4.3 processes user-supplied input as a regular expression via the wpgeshifilterreplacecode function, which could lead to Regular Expression Denial of Service ReDoS issue...

6.5AI score0.00432EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/04/10 6:0 a.m.25 views

CVE-2024-13896 WP-GeSHi-Highlight <= 1.4.3 - Author+ ReDoS

The WP-GeSHi-Highlight — rock-solid syntax highlighting for 259 languages WordPress plugin through 1.4.3 processes user-supplied input as a regular expression via the wpgeshifilterreplacecode function, which could lead to Regular Expression Denial of Service ReDoS issue...

0.00432EPSS
Exploits1References1
NVD
NVD
added 2023/09/14 7:15 p.m.12 views

CVE-2017-13896

Rejected reason: This candidate is unused by its CNA...

6.6AI score
Exploits0
NVD
NVD
added 2020/06/29 6:15 p.m.23 views

CVE-2020-13896

The web interface of Maipu MP1800X-50 7.5.3.14R devices allows remote attackers to obtain sensitive information via the form/formDeviceVerGet URI, such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation time, and system uptime...

5.3CVSS0.14838EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/06/29 5:11 p.m.30 views

CVE-2020-13896

The web interface of Maipu MP1800X-50 7.5.3.14R devices allows remote attackers to obtain sensitive information via the form/formDeviceVerGet URI, such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation time, and system uptime...

6.3AI score0.14838EPSS
Exploits1References1
CVE
CVE
added 2020/06/29 5:11 p.m.227 views

CVE-2020-13896

The CVE-2020-13896 entry documents an information-disclosure vulnerability in Maipu MP1800X-50 devices (firmware 7.5.3.14(R)) where the web interface exposes sensitive data via form/formDeviceVerGet. Connected sources (CNVD-2021-39048, CNVD-2019-02748) describe an information-disclosure flaw in t...

5.3CVSS6.2AI score0.14838EPSS
In wildExploits1References1Affected Software1
Circl
Circl
added 2019/07/22 6:28 p.m.5 views

CVE-2018-13896

creationtimestamp| type| source ---|---|--- 2019-07-22 18:28:17+00:00| seen| https://t.me/cibsecurity/5637...

7.8CVSS7.8AI score0.0021EPSS
Exploits0References1
Rows per page
Query Builder