Fedora: Security Advisory (FEDORA-2025-5fac63ba6a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 41 : chromium (2025-f814c5f499)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-f814c5f499 advisory. - Update to 140.0.7339.185 CVE-2025-10585: Type Confusion in V8 CVE-2025-10500: Use after free in Dawn CVE-2025-10501: Use after free in WebRTC...

CVE-2025-10501

Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2025-10501

Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2025-10501

Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

Fedora: Security Advisory (FEDORA-2025-bb1ae3ee9c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2025-10501

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2025:0367-1 Rating: important References: 1249999 Cross-References: CVE-2025-10500 CVE-2025-10501 CVE-2025-10502 CVE-2025-10585 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes four...

CVE-2025-10501

creationtimestamp| type| source ---|---|--- 2025-09-18 11:08:39+00:00| seen| https://t.me/truesecator/7435 2025-09-20 06:33:45+00:00| seen| https://bsky.app/profile/secqube.com/post/3lzar4crj2e2x...

Google Chrome Security Update (stable-channel-update-for-desktop_17-2025-09) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

CVE-2020-10501

CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a department, given the id, via a crafted request...

CVE-2024-10501

creationtimestamp| type| source ---|---|--- 2024-10-30 03:19:25+00:00| seen| https://t.me/cvedetector/9384...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

CVE-2020-15642

This vulnerability allows remote attackers to execute arbitrary code on affected installations of installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists...

CVE-2020-15642

The CVE-2020-15642 issue affects Marvell QConvergeConsole 5.5.0.64. The root cause is a lack of proper validation in the isHPSmartComponent method of the GWTTestServiceImpl class, enabling a crafted user string to be used in a system call. This permits remote code execution with SYSTEM privileges...

CVE-2020-10501

CVE-2020-10501 concerns Chadha PHPKB Standard Multi-Language 9 where a CSRF weakness in the admin/manage-departments.php endpoint allows an attacker to edit a department when a crafted request is issued. The root cause is inadequate CSRF protections on the request that performs department edits (...

CVE-2019-10501

Possible use after free issue due to improper input validation in volume listener library in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W,...

CVE-2019-10501

The CVE-2019-10501 entry affects Qualcomm Snapdragon volumes listener library across multiple Snapdragon platforms. Root cause: use-after-free caused by improper input validation in the volume listener component. Reported impact indicates partial confidentiality, integrity, and availability at a ...

CVE-2019-10501

Possible use after free issue due to improper input validation in volume listener library in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W,...

CVE-2018-10501

The CVE-2018-10501 issue affects Samsung Notes and is a local privilege-escalation vulnerability in the ZIP handling path validation. The root cause is improper validation of a user-supplied path used in file operations, enabling a local attacker to escalate privileges within the application. Aff...