63 matches found
MINI-9X96-443G-5282
Bulletin has no description...
OPENSUSE-SU-2026:20460-1 Security update for chromium
This update for chromium fixes the following issues: Changes in chromium: - Chromium 146.0.7680.177 boo1261249 CVE-2026-5273: Use after free in CSS CVE-2026-5272: Heap buffer overflow in GPU CVE-2026-5274: Integer overflow in Codecs CVE-2026-5275: Heap buffer overflow in ANGLE CVE-2026-5276:...
DEBIAN-CVE-2026-5282
Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...
CVE-2026-5282
creationtimestamp| type| source ---|---|--- 2026-03-31 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0385/ 2026-04-01 08:01:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mig7yd45t522 2026-04-01 15:31:15+00:00| seen|...
MINI-HGXV-5282-M9M9
Bulletin has no description...
CVE-2025-5282
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deletepackage function in all versions up to, and including, 6.5.1. This makes it possible for unauthenticated attackers to...
WordPress WP Travel Engine plugin <= 6.5.1 - Missing Authorization to Unauthenticated Arbitrary Post Deletion vulnerability
Missing Authorization to Unauthenticated Arbitrary Post Deletion vulnerability discovered by mikemyers in WordPress Plugin WP Travel Engine versions = 6.5.1...
CVE-2025-5282
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deletepackage function in all versions up to, and including, 6.5.1. This makes it possible for unauthenticated attackers to...
CVE-2025-5282
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deletepackage function in all versions up to, and including, 6.5.1. This makes it possible for unauthenticated attackers to...
CVE-2025-5282 WP Travel Engine <= 6.5.1 - Missing Authorization to Unauthenticated Arbitrary Post Deletion
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deletepackage function in all versions up to, and including, 6.5.1. This makes it possible for unauthenticated attackers to...
CVE-2025-5282
CVE-2025-5282 : WP Travel Engine – Tour Booking Plugin (WordPress) versions up to and including 6.5.1 are vulnerable due to a missing capability check in delete_package(), allowing unauthenticated attackers to delete arbitrary posts. The issue is confirmed in multiple sources (NVD entry, Red Hat ...
CVE-2025-5282 WP Travel Engine <= 6.5.1 - Missing Authorization to Unauthenticated Arbitrary Post Deletion
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deletepackage function in all versions up to, and including, 6.5.1. This makes it possible for unauthenticated attackers to...
CVE-2024-5282
The wp-affiliate-platform WordPress plugin before 6.5.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2019-5282
Bastet module of some Huawei smartphones with Versions earlier than Emily-AL00A 9.0.0.182C00E82R1P21, Versions earlier than Emily-TL00B 9.0.0.182C01E82R1P21, Versions earlier than Emily-L09C 9.0.0.203C432E7R1P11, Versions earlier than Emily-L29C 9.0.0.203C432E7R1P11, Versions earlier than...
Linux Distros Unpatched Vulnerability : CVE-2014-5282
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via...
CVE-2020-5282
In Nick Chan Bot before version 1.0.0-beta there is a vulnerability in the npm command which is part of this software package. This allows arbitrary shell execution,which can compromise the bot This is patched in version 1.0.0-beta...
CVE-2024-5282
creationtimestamp| type| source ---|---|--- 2024-07-13 08:49:48+00:00| seen| https://t.me/cvedetector/807...
CVE-2024-5282
CVE-2024-5282 — wp-affiliate-platform prior to 6.5.1 allows reflected XSS by not sanitizing/escaping a parameter before echoing it. Impact targets high-privilege users (admin). Remediation: upgrade to version 6.5.1 or later (patched). References across connected feeds corroborate the reflected XS...
CVE-2024-5282 WP Affiliate Platform < 6.5.1 - Reflected XSS via Registration Form
The wp-affiliate-platform WordPress plugin before 6.5.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2019-5282
creationtimestamp| type| source ---|---|--- 2024-02-14 08:51:11+00:00| seen| https://t.me/ctinow/184467...