37 matches found
CVE-2026-13920
creationtimestamp| type| source ---|---|--- 2026-07-02 07:45:55+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702 2026-07-06 07:18:43+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260706...
Linux Distros Unpatched Vulnerability : CVE-2026-13920
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the rendere...
DEBIAN-CVE-2026-13920
Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13920
Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-13920
creationtimestamp| type| source ---|---|--- 2026-01-24 15:59:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3md6lhavi642c 2026-03-17 02:22:55+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-13920.yaml 2026-03-17...
CVE-2025-13920
The WP Directory Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.9 via the wdkpublicaction AJAX handler. This makes it possible for unauthenticated attackers to extract email addresses for users with Directory Kit-specific user...
CVE-2019-13920
A vulnerability has been identified in SINEMA Remote Connect Server All versions V2.0 SP1. Some parts of the web application are not protected against Cross Site Request Forgery CSRF attacks. The security vulnerability could be exploited by an attacker that is able to trigger requests of a...
CVE-2018-13920
Use-after-free condition due to Improper handling of hrtimers when the PMU driver tries to access its events in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, Qualcomm 215, SD 425, SD 439...
CVE-2024-13920
The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.6.0 via the downloadfile function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents ...
CVE-2024-13920
creationtimestamp| type| source ---|---|--- 2025-03-20 15:43:43+00:00| seen| https://t.me/cvedetector/20732...
CVE-2024-13920
The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.6.0 via the downloadfile function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents ...
CVE-2024-13920 Order Export & Order Import for WooCommerce <= 2.6.0 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Read via download_file Function
The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.6.0 via the downloadfile function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents ...
CVE-2024-13920 Order Export & Order Import for WooCommerce <= 2.6.0 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Read via download_file Function
The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.6.0 via the downloadfile function. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents ...
CVE-2024-13920
CVE-2024-13920 affects the WordPress plugin Order Export & Order Import for WooCommerce (
Security Bulletin: Multiple Vulnerabilities in IBM Application Performance Management
Summary Multiple vulnerabilities were addressed in IBM Application Performance Management 8.1.4.0 IF15 patch Vulnerability Details CVEID:CVE-2020-13920 DESCRIPTION: Apache ActiveMQ is vulnerable to a man-in-the-middle attack, caused by improper authentication validation when connecting to the JMX...
Debian: Security Advisory (DLA-3657-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 3657-1] activemq security update
Debian LTS Advisory DLA-3657-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany November 20, 2023 https://wiki.debian.org/LTS Package : activemq Version : 5.15.16-0+deb10u1 CVE ID : CVE-2020-13920 CVE-2021-26117 CVE-2023-46604 Debian Bug : 1054909 982590 Several...
Debian dla-3657 : activemq - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3657 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3657-1 [email protected]...
CVE-2017-13920
Rejected reason: This candidate is unused by its CNA...
FreeBSD : nexus2-oss -- Apache ActiveMQ JMX vulnerability (730e922f-20e7-11ec-a574-080027eedc6a)
Sonatype reports : - CVE-2020-13920: Apache ActiveMQ JMX is vulnerable to a MITM attack %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2021 Jacques Vidrine and contributors...