23 matches found
Chromium: CVE-2026-13896 Insufficient policy enforcement in Glic
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-13896
creationtimestamp| type| source ---|---|--- 2026-07-02 07:45:02+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702 2026-07-06 07:18:14+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260706...
CVE-2026-13896
Insufficient policy enforcement in Glic in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13896
The connected sources confirm CVE-2026-13896 affects Google Chrome (Chromium-based) with insufficient policy enforcement in “Glic” prior to version 150.0.7871.47, enabling a remote attacker to bypass navigation restrictions via a crafted HTML page. The impact is described as medium. The vulnerabi...
RHEL 6 : sudo (RHSA-2026:13896)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:13896 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
CVE-2025-13896
creationtimestamp| type| source ---|---|--- 2025-12-06 09:34:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m7cp57v2ea2q...
CVE-2025-13896 Social Feed Gallery Portfolio <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute
The Social Feed Gallery Portfolio plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the igp-wp shortcode in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
WordPress Social Feed Gallery Portfolio plugin <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Social Feed Gallery Portfolio versions = 1.3...
CVE-2020-13896
The web interface of Maipu MP1800X-50 7.5.3.14R devices allows remote attackers to obtain sensitive information via the form/formDeviceVerGet URI, such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation time, and system uptime...
CVE-2018-13896
XBLSEC image authentication and other crypto related validations are accessible to a compromised OEM XBL Loader due to missing lock at XBLSEC stage.. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...
WordPress WP-GeSHi-Highlight plugin <= 1.4.3 - Author+ ReDoS vulnerability
Author+ ReDoS vulnerability discovered by Pierre Rudloff in WordPress Plugin WP-GeSHi-Highlight versions = 1.4.3...
CVE-2024-13896
The WP-GeSHi-Highlight — rock-solid syntax highlighting for 259 languages WordPress plugin through 1.4.3 processes user-supplied input as a regular expression via the wpgeshifilterreplacecode function, which could lead to Regular Expression Denial of Service ReDoS issue...
CVE-2024-13896
creationtimestamp| type| source ---|---|--- 2025-04-10 06:48:35+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11195 2025-04-10 09:32:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmh73todsg2r...
CVE-2024-13896 WP-GeSHi-Highlight <= 1.4.3 - Author+ ReDoS
The WP-GeSHi-Highlight — rock-solid syntax highlighting for 259 languages WordPress plugin through 1.4.3 processes user-supplied input as a regular expression via the wpgeshifilterreplacecode function, which could lead to Regular Expression Denial of Service ReDoS issue...
CVE-2024-13896 WP-GeSHi-Highlight <= 1.4.3 - Author+ ReDoS
The WP-GeSHi-Highlight — rock-solid syntax highlighting for 259 languages WordPress plugin through 1.4.3 processes user-supplied input as a regular expression via the wpgeshifilterreplacecode function, which could lead to Regular Expression Denial of Service ReDoS issue...
CVE-2017-13896
Rejected reason: This candidate is unused by its CNA...
CVE-2020-13896
The web interface of Maipu MP1800X-50 7.5.3.14R devices allows remote attackers to obtain sensitive information via the form/formDeviceVerGet URI, such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation time, and system uptime...
CVE-2020-13896
The web interface of Maipu MP1800X-50 7.5.3.14R devices allows remote attackers to obtain sensitive information via the form/formDeviceVerGet URI, such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation time, and system uptime...
CVE-2020-13896
The CVE-2020-13896 entry documents an information-disclosure vulnerability in Maipu MP1800X-50 devices (firmware 7.5.3.14(R)) where the web interface exposes sensitive data via form/formDeviceVerGet. Connected sources (CNVD-2021-39048, CNVD-2019-02748) describe an information-disclosure flaw in t...
CVE-2018-13896
creationtimestamp| type| source ---|---|--- 2019-07-22 18:28:17+00:00| seen| https://t.me/cibsecurity/5637...