OPENSUSE-SU-2026:20460-1 Security update for chromium

This update for chromium fixes the following issues: Changes in chromium: - Chromium 146.0.7680.177 boo1261249 CVE-2026-5273: Use after free in CSS CVE-2026-5272: Heap buffer overflow in GPU CVE-2026-5274: Integer overflow in Codecs CVE-2026-5275: Heap buffer overflow in ANGLE CVE-2026-5276:...

DEBIAN-CVE-2026-5280

Use after free in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-5280

creationtimestamp| type| source ---|---|--- 2026-03-31 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0385/ 2026-04-01 08:27:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3migbhqt6g624 2026-04-01 18:00:00+00:00| seen|...

CVE-2020-24034

Sagemcom F@ST 5280 routers using firmware version 1.150.61 have insecure deserialization that allows any authenticated user to perform a privilege escalation to any other user. By making a request with valid sessid, nonce, and ha1 values inside of the serialized session cookie, an attacker may...

PT-2025-47485

Name of the Vulnerable Software and Affected Versions eGovFramework/egovframe-common-components versions up to and including 4.3.1 Description The software contains an unauthenticated file upload issue through the /utl/wed/insertImage.do and /utl/wed/insertImageCk.do API endpoints. These endpoint...

Linux Distros Unpatched Vulnerability : CVE-2025-5280

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2025:0175-1 Rating: important References: 1243741 Cross-References: CVE-2025-5063 CVE-2025-5064 CVE-2025-5065 CVE-2025-5066 CVE-2025-5067 CVE-2025-5280 CVE-2025-5281 CVE-2025-5283 Affected Products: openSUSE...

MGASA-2025-0187 Updated chromium-browser-stable packages fix security vulnerabilities

CVE-2025-5063: Use after free in Compositing. CVE-2025-5280: Out of bounds write in V8. CVE-2025-5064: Inappropriate implementation in Background Fetch API. CVE-2025-5065: Inappropriate implementation in FileSystemAccess API. CVE-2025-5066: Inappropriate implementation in Messages. CVE-2025-5281:...

Fedora 41 : chromium (2025-680072bb22)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-680072bb22 advisory. Update to 137.0.7151.55 CVE-2025-5063: Use after free in Compositing CVE-2025-5280: Out of bounds write in V8 CVE-2025-5064: Inappropriate...

CVE-2025-5280

Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2025-5280 vulnerabilities

Vulnerabilities for packages: chromium...

Chromium: CVE-2025-5280 Out of bounds write in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2025-5280

Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2025-5280

Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2025-5280

Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2025-5280

Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

chromium -- multiple security fixes

Chrome Releases reports: This update includes 11 security fixes: 411573532 High CVE-2025-5063: Use after free in Compositing. Reported by Anonymous on 2025-04-18 417169470 High CVE-2025-5280: Out of bounds write in V8. Reported by pwn2car on 2025-05-12 40058068 Medium CVE-2025-5064: Inappropriate...

directory.5280.com Cross Site Scripting vulnerability OBB-4040183

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

WordPress Affiliate Manager Plugin < 6.5.1 is vulnerable to Cross Site Scripting (XSS)

Software Affiliate Manager Type Plugin Vulnerable versions 6.5.1 Fixed in 6.5.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5280 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0fe8966b39d9 Credits caon Required...

CVE-2024-5280

creationtimestamp| type| source ---|---|--- 2024-07-13 08:49:50+00:00| seen| https://t.me/cvedetector/809...