CGA-XR5X-4678-QPM8

Bulletin has no description...

Fedora: Security Advisory (FEDORA-2026-ad5b2b6b68)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 43 : chromium (2026-ad5b2b6b68)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ad5b2b6b68 advisory. Update to 146.0.7680.164 High CVE-2026-4673: Heap buffer overflow in WebAudio High CVE-2026-4674: Out of bounds read in CSS High CVE-2026-4675: Heap...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2026:0096-1 Rating: important References: 1260376 Cross-References: CVE-2026-4673 CVE-2026-4674 CVE-2026-4675 CVE-2026-4676 CVE-2026-4677 CVE-2026-4678 CVE-2026-4679 CVE-2026-4680 Affected Products: openSUSE...

SUSE CVE-2026-4678

Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Debian dsa-6177 : chromium - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6177 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6177-1 [email protected]...

CVE-2026-4678

creationtimestamp| type| source ---|---|--- 2026-03-24 01:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260324 2026-03-24 02:00:12+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116281679016564532 2026-03-24 02:24:21+00:00| seen|...

CVE-2026-4678

Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Linux Distros Unpatched Vulnerability : CVE-2026-4678

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

GO-2026-4678 Unauthorized access to Argo Workflows Template in github.com/argoproj/argo-workflows

Unauthorized access to Argo Workflows Template in github.com/argoproj/argo-workflows...

CVE-2025-4678

creationtimestamp| type| source ---|---|--- 2025-06-10 17:36:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrbglpbjzt2m 2025-06-10 18:33:14+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17959...

CVE-2025-4678 Remote Code Execution leads to Command Injection

Improper Neutralization of Special Elements in the chromiumpath variable may allow OS command injection. This issue affects Pandora ITSM 5.0.105...

CVE-2025-4678

CVE-2025-4678 affects Pandora ITSM 5.0.105. The root cause is improper neutralization of special elements in the chromium_path variable, which may permit OS command injection. The CVSS data indicates network attack vector, high severity (7.0), with high privileges required and no user interaction...

CVE-2025-4678 Remote Code Execution leads to Command Injection

Improper Neutralization of Special Elements in the chromiumpath variable may allow OS command injection. This issue affects Pandora ITSM 5.0.105...

CVE-2022-4678

The TemplatesNext ToolKit WordPress plugin before 3.2.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2012-4678

munin-cgi-graph for Munin 2.0 rc4 does not delete temporary files, which allows remote attackers to cause a denial of service disk consumption via many requests to an image with unique parameters...

CVE-2013-4678

The NDMP protocol implementation in Symantec Backup Exec 2010 R3 before 2010 R3 SP3 and 2012 before SP2 allows remote authenticated users to obtain sensitive host-version information via unspecified vectors...

CVE-2005-4678

Apple Safari 2.0.2 aka 416.12 allows remote attackers to spoof the URL in the status bar via the title in an image in a link to a trusted site within a form to the malicious site. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2022-4678

creationtimestamp| type| source ---|---|--- 2025-03-21 17:19:25+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8383...

Linux Distros Unpatched Vulnerability : CVE-2023-4678

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Divide By Zero in GitHub repository gpac/gpac prior to 2.3-DEV. CVE-2023-4678 Note that Nessus relies on the presence of the package as reported by the vendor...