OPENSUSE-SU-2026:20460-1 Security update for chromium

This update for chromium fixes the following issues: Changes in chromium: - Chromium 146.0.7680.177 boo1261249 CVE-2026-5273: Use after free in CSS CVE-2026-5272: Heap buffer overflow in GPU CVE-2026-5274: Integer overflow in Codecs CVE-2026-5275: Heap buffer overflow in ANGLE CVE-2026-5276:...

DEBIAN-CVE-2026-5276

Insufficient policy enforcement in WebUSB in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

CVE-2026-5276

Insufficient policy enforcement in WebUSB in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

📄 Fortra FileCatalyst Workflow 5.1.6 Build 135 SQL Injection

Fortra FileCatalyst Workflow version 5.1.6 Build 135 remote SQL injection proof of concept exploit. ============================================================================================================================================= | Title : Fortra FileCatalyst Workflow v5.1.6 Build 135...

CVE-2025-5276

All versions of the package mcp-markdownify-server are vulnerable to Server-Side Request Forgery SSRF via the Markdownify.get function. An attacker can craft a prompt that, once accessed by the MCP host, can invoke the webpage-to-markdown, bing-search-to-markdown, and youtube-to-markdown tools to...

CVE-2025-5276

CVE-2025-5276 affects mcp-markdownify-server. All versions are vulnerable to SSRF via Markdownify.get(), where improper validation in is_ip_private() and fetch() that follows redirects allows an attacker to access internal resources by crafting prompts that trigger webpage-to-markdown, bing-searc...

CVE-2011-5276

SQL injection vulnerability in the drawAdminToolsPackageInstaller function in shared/inc/forms/packager.php in Domain Technologie Control DTC before 0.32.11 allows remote authenticated users to execute arbitrary SQL commands via the databasename parameter...

CVE-2010-5276

The Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for Drupal does not properly handle the $user object in memcacheadmin, which might "lead to a role change not being recognized until the user logs in again."...

Linux Distros Unpatched Vulnerability : CVE-2015-5276

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The std::randomdevice class in libstdc++ in the GNU Compiler Collection aka GCC before 4.9.4 does not properly handle short reads from blocking sources, which...

Fortra FileCatalyst Workflow SQL Injection

require 'digest/md5' class MetasploitModule 'Fortra FileCatalyst Workflow SQL Injection CVE-2024-5276', 'Description' = %q This module exploits a SQL injection vulnerability in Fortra FileCatalyst Workflow 'Tenable', Discovery and PoC 'Michael Heinzl' MSF Module , 'References' = 'CVE', '2024-5276...

Metasploit Weekly Wrap-Up 08/23/2024

New module content 3 Fortra FileCatalyst Workflow SQL Injection CVE-2024-5276 Authors: Michael Heinzl and Tenable Type: Auxiliary Pull request: 19373 contributed by h4x-x0r Path: admin/http/fortrafilecatalystworkflowsqli AttackerKB reference: CVE-2024-5276 Description: This adds an auxiliary modu...

Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276)

This module exploits a SQL injection vulnerability in Fortra FileCatalyst Workflow use auxiliary/admin/http/fortrafilecatalystworkflowsqli msf auxiliaryfortrafilecatalystworkflowsqli show actions ...actions... msf auxiliaryfortrafilecatalystworkflowsqli set ACTION msf...

CVE-2024-5276

creationtimestamp| type| source ---|---|--- 2024-06-27 08:58:21+00:00| seen| https://t.me/thehackernews/5177 2024-06-27 09:35:36+00:00| seen| https://t.me/KomunitiSiber/2169 2024-06-27 10:23:20+00:00| seen| Telegram/qmEDHLBNdp1opQyESxLY8cSE-jzGu9bN7IsUBrgZMpYv7A 2024-06-27 10:26:03+00:00| seen|...

Critical SQLi Vulnerability Found in Fortra FileCatalyst Workflow Application

A critical security flaw has been disclosed in Fortra FileCatalyst Workflow that, if left unpatched, could allow an attacker to tamper with the application database. Tracked as CVE-2024-5276, the vulnerability carries a CVSS score of 9.8. It impacts FileCatalyst Workflow versions 5.1.6 Build 135...

Fortra FileCatalyst Workflow SQLi (CVE-2024-5276) (Version Check)

The version of Fortra FileCatalyst Workflow running on the remote host is prior to 5.1.6 Build 139. It is, therefore, is affected by a SQL injection vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

CVE-2024-5276 SQL Injection Vulnerability in FileCatalyst Workflow 5.1.6 Build 135 (and earlier)

A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this...

CVE-2024-5276 SQL Injection Vulnerability in FileCatalyst Workflow 5.1.6 Build 135 (and earlier)

A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this...

RHEL 6 : gcc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gcc: integer overflow flaws in libgfortran CVE-2014-5044 - Integer overflow in the new operator in gcc...

CVE-2019-5276

creationtimestamp| type| source ---|---|--- 2024-03-16 15:51:52+00:00| seen| https://t.me/ctinow/209587...

CVE-2023-5276

creationtimestamp| type| source ---|---|--- 2023-09-29 22:37:51+00:00| seen| https://t.me/cibsecurity/71324...