SUSE CVE-2025-3063

The Shopper Approved Reviews plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ajaxcallbackupdatesaoption function in versions 2.0 to 2.1. This makes it possible for authenticated attackers, with...

Fedora: Security Advisory (FEDORA-2026-95fffce421)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 42 : chromium (2026-cf96901e5c)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-cf96901e5c advisory. Update to 145.0.7632.116 CVE-2026-3061: Out of bounds read in Media CVE-2026-3062: Out of bounds read and write in Tint CVE-2026-3063: Inappropriate...

Fedora 43 : chromium (2026-2e8248f158)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2e8248f158 advisory. Update to 145.0.7632.116 CVE-2026-3061: Out of bounds read in Media CVE-2026-3062: Out of bounds read and write in Tint CVE-2026-3063: Inappropriate...

Fedora: Security Advisory (FEDORA-2026-2e8248f158)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2026-3063 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-3063 vulnerabilities

Vulnerabilities for packages: chromium...

Chromium: CVE-2026-3063 Inappropriate implementation in DevTools

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Security update for chromium (important)

openSUSE security update: security update for chromium ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20277-1 Rating: important References: bsc1258733 Cross-References: CVE-2025-3063 CVE-2026-3061 CVE-2026-3062 Affected Products: openSUSE Leap 16.0...

Debian: Security Advisory (DSA-6151-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2026:20277-1 Security update for chromium

This update for chromium fixes the following issues: Changes in chromium: - Chromium 145.0.7632.116 boo1258733: CVE-2026-3061: Out of bounds read in Media CVE-2026-3062: Out of bounds read and write in Tint CVE-2025-3063: Inappropriate implementation in DevTools...

CVE-2026-3063

creationtimestamp| type| source ---|---|--- 2026-02-24 14:40:08+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mfmfim3u7i2w 2026-02-25 03:28:43+00:00| seen| https://bsky.app/profile/securitylab-jp.bsky.social/post/3mfnqgtjn7s26 2026-02-27 14:10:08+00:00| seen|...

Linux Distros Unpatched Vulnerability : CVE-2026-3063

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in DevTools in Google Chrome prior to 145.0.7632.116 allowed an attacker who convinced a user to install a malicious extension to...

CVE-2026-3063

Inappropriate implementation in DevTools in Google Chrome prior to 145.0.7632.116 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via DevTools. Chromium security severity: High...

Amazon Linux 2 : fontforge, --advisory ALAS2-2025-3063 (ALAS-2025-3063)

The version of fontforge installed on the remote host is prior to 20120731b-13. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3063 advisory. FontForge v20230101 was discovered to contain a memory leak via the component DlgCreate8. CVE-2025-50949 Tenable has extract...

CVE-2025-3063

The Shopper Approved Reviews plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the ajaxcallbackupdatesaoption function in versions 2.0 to 2.1. This makes it possible for authenticated attackers, with...

CVE-2025-3063

CVE-2025-3063 (Shopper Approved Reviews, WordPress) is a real vulnerability affecting the Shopper Approved Reviews plugin (versions 2.0–2.1) where a missing capability check in ajax_callback_update_sa_option() allows authenticated users with Subscriber+ privileges to modify arbitrary site options...

CVE-2024-3063

CVE-2024-3063 refers to a Stored Cross‑Site Scripting (XSS) vulnerability in the WPB Elementor Addons WordPress plugin. Affected versions are all ≤ 1.0.9, due to insufficient input sanitization and output escaping on widget tag attributes. Exploitation requires authentication at contributor level...

openSUSE: Security Advisory for the Linux Kernel RT (Live Patch 2 for SLE 15 SP4) (SUSE-SU-2023:3063-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-3063

The SP Project & Document Manager plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 4.67. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it...