Fedora: Security Advisory (FEDORA-2026-a48b5f36ec)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2026:0052-1 Rating: important References: 1258116 1258185 1258199 Cross-References: CVE-2026-2313 CVE-2026-2314 CVE-2026-2315 CVE-2026-2316 CVE-2026-2317 CVE-2026-2318 CVE-2026-2319 CVE-2026-2320 CVE-2026-2321...

Debian dsa-6135 : chromium - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6135 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6135-1 [email protected]...

chromedriver-145.0.7632.45-1.1 on GA media (moderate)

chromedriver-145.0.7632.45-1.1 on GA media Announcement ID: openSUSE-SU-2026:10201-1 Rating: moderate Cross-References: CVE-2026-2313 CVE-2026-2314 CVE-2026-2315 CVE-2026-2316 CVE-2026-2317 CVE-2026-2318 CVE-2026-2319 CVE-2026-2320 CVE-2026-2321 CVE-2026-2322 CVE-2026-2323 CVE-2026-2441 Affected...

CVE-2026-2318

creationtimestamp| type| source ---|---|--- 2026-02-12 14:10:30+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3meo6aknzuu2e 2026-02-18 15:05:13+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mf5e3ww2y424 2026-03-12 03:00:12+00:00| seen|...

CVE-2026-2318

Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

DEBIAN-CVE-2026-2318

Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-2318

Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-2318

Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

Linux Distros Unpatched Vulnerability : CVE-2026-2318

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI...

EUVD-2026-2318

In the Linux kernel, the following vulnerability has been resolved: net/handshake: duplicate handshake cancellations leak socket When a handshake request is cancelled it is removed from the handshakenet-hnrequests list, but it is still present in the handshakerhashtbl until it is destroyed. If a...

CVE-2019-2318

Non Secure Kernel can cause Trustzone to do an arbitrary memory read which will result into DOS in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017,...

CVE-2025-2318

creationtimestamp| type| source ---|---|--- 2025-07-16 18:12:18+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lu3zen6y4s2m...

PT-2025-29894 · Undefined · Undefined

‼️ SUSE Alert: CVE-2025-2318 lets attackers gain root access on unpatched Linux systems. Patch via zypper patch --cve=CVE-2025-2318. Read more: 👉 https://t.co/XKBUHDH2TJ LinuxSecurity DevOps https://t.co/GU2X4rraMm...

CVE-2023-2318

DOM-based XSS in src/muya/lib/contentState/pasteCtrl.js in MarkText 0.17.1 and before on Windows, Linux and macOS allows arbitrary JavaScript code to run in the context of MarkText main window. This vulnerability can be exploited if a user copies text from a malicious webpage and paste it into...

CVE-2013-2318

The Content Provider in the MovatwiTouch application before 1.793 and MovatwiTouch Paid application before 1.793 for Android does not properly restrict access to authorization information, which allows attackers to hijack Twitter accounts via a crafted application...

Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2024-2318)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-2318

creationtimestamp| type| source ---|---|--- 2024-03-08 14:26:40+00:00| seen| https://t.me/ctinow/203336 2024-03-08 14:26:41+00:00| seen| https://t.me/ctinow/203337 2025-06-10 08:32:44+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17844...

CVE-2024-2318

CVE-2024-2318 affects ZKTeco ZKBio Media 2.0.0_x64_2024-01-29-1028. Affected is an unknown function in the /pro/common/download path on Service Port 9999. Manipulating the fileName parameter with ../../../../zkbio_media.sql results in a path traversal: '../filedir', enabling remote exploitation. ...

CVE-2024-2318 ZKTeco ZKBio Media Service Port 9999 download path traversal

A vulnerability was found in ZKTeco ZKBio Media 2.0.0x642024-01-29-1028. It has been classified as problematic. Affected is an unknown function of the file /pro/common/download of the component Service Port 9999. The manipulation of the argument fileName with the input ../../../../zkbiomedia.sql...