20 matches found
SUSE-SU-2026:1749-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.52.1. Security issues fixed: - CVE-2026-20643: processing maliciously crafted web content may bypass Same Origin Policy bsc1261172. - CVE-2026-20664: processing maliciously crafted web content may lead to an unexpected...
SUSE-SU-2026:1648-1 Security update for webkit2gtk3
This update for webkit2gtk3 fixes the following issues: Update to version 2.52.1. Security issues fixed: - CVE-2026-20643: processing maliciously crafted web content may bypass Same Origin Policy bsc1261172. - CVE-2026-20664: processing maliciously crafted web content may lead to an unexpected...
Debian dsa-6232 : gir1.2-javascriptcoregtk-4.1 - security update
The remote Debian 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6232 advisory. Debian Security Advisory DSA-6232-1 https://www.debian.org/securit...
Linux Distros Unpatched Vulnerability : CVE-2026-20691
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authorization issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS...
CVE-2026-20691
creationtimestamp| type| source
---|---|---
2026-03-25 03:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/apple-products-multiple-vulnerabilities20260325...
CVE-2026-20691
An authorization issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A maliciously crafted webpage may be able to fingerprint the user...
CVE-2026-20691
An authorization issue was addressed with improved state management. This issue is fixed in Safari 26.4, iOS 26.4 and iPadOS 26.4, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A maliciously crafted webpage may be able to fingerprint the user...
CVE-2019-20691
Certain NETGEAR devices are affected by CSRF. This affects D3600 before 1.0.0.72, D6000 before 1.0.0.72, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150v1 before 1.0.0.42, EX6200 before 1.0.3.88...
CVE-2025-20691
In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418039; Issue ID: MSV-3477...
CVE-2022-20691
A vulnerability in the Cisco Discovery Protocol functionality of Cisco ATA 190 Series Adaptive Telephone Adapter firmware could allow an unauthenticated, adjacent attacker to cause a DoS condition of an affected device. This vulnerability is due to missing length validation of certain Cisco...
CVE-2021-20691
Cross-site scripting vulnerability in Yomi-Search Ver4.22 allows remote attackers to inject an arbitrary script via unspecified vectors...
CVE-2020-20691
An issue in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via bypassing the file extension filter and uploading crafted HTML files...
CVE-2024-20691
creationtimestamp| type| source
---|---|---
2024-01-09 20:16:28+00:00| seen| https://t.me/ctinow/165324...
CVE-2024-20691
CVE-2024-20691 is a Windows Themes Information Disclosure vulnerability. CVSS-3.1 metrics indicate Local attack with High Confidentiality impact, base score 4.7, and no user interaction required, but with high attack complexity and low privileges. Exploit details or concrete remediation are not p...
KB5034184: Windows Server 2012 Security Update (January 2024)
The remote Windows host is missing security update 5034184. It is, therefore, affected by multiple vulnerabilities - Microsoft ODBC Driver Remote Code Execution Vulnerability CVE-2024-20654 - Windows Kerberos Security Feature Bypass Vulnerability CVE-2024-20674 - Windows Group Policy Elevation of...
CVE-2023-20691
CVE-2023-20691 affects MediaTek WLAN firmware, where an integer overflow can cause a system crash and remote denial of service. Exploitation requires no user interaction and no privileges. Root cause is not elaborated beyond the overflow in the WLAN firmware; no explicit exploit vectors are provi...
CVE-2020-20691
creationtimestamp| type| source
---|---|---
2021-09-28 02:35:13+00:00| seen| https://t.me/cibsecurity/29536...
CVE-2020-20691
Monstra CMS v3.0.4 is reported vulnerable to arbitrary script/HTML execution by bypassing the file-extension filter and uploading crafted HTML files. The CVE-2020-20691 entry notes that an attacker can leverage this to execute web scripts or HTML, without requiring authentication; exact exploit v...
CVE-2021-20691
Summary: CVE-2021-20691 affects Yomi-Search Ver4.22 (WonderLink Yomi-Search). Vulnerability: Cross-site scripting (CWE-79) that allows an arbitrary script to run in the web browser of users visiting a site using Yomi-Search. Root cause / vector: Unspecified attack vectors reported; multiple sourc...
CVE-2019-20691
The provided connected documents confirm a CSRF vulnerability (CVE-2019-20691) affecting multiple NETGEAR devices: D3600 (before 1.0.0.72), D6000 (before 1.0.0.72), EX3700 (before 1.0.0.70), EX3800 (before 1.0.0.70), EX6000 (before 1.0.0.30), EX6100 (before 1.0.2.24), EX6120 (before 1.0.0.40), EX...