
83 matches found

OSV
added 2026/04/03 6:9 a.m. | 1 view

OPENSUSE-SU-2026:20460-1 Security update for chromium

This update for chromium fixes the following issues: Changes in chromium: - Chromium 146.0.7680.177 boo1261249 CVE-2026-5273: Use after free in CSS CVE-2026-5272: Heap buffer overflow in GPU CVE-2026-5274: Integer overflow in Codecs CVE-2026-5275: Heap buffer overflow in ANGLE CVE-2026-5276:...

CVSS 9.6 | AI score 6.3 | EPSS 0.00646
Exploits 0 | References 22

Circl
added 2026/03/31 5:0 p.m. | 0 views

CVE-2026-5289

creationtimestamp | type | source
---|---|---
2026-03-31 17:00:00+00:00 | seen | https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0385/
2026-04-01 08:13:44+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3migaoseuhk2s
2026-04-01 15:22:49+00:00 | seen | ...

CVSS 9.6 | AI score 4.7 | EPSS 0.00041
Exploits 0 | References 8

Circl
added 2025/06/21 11:43 a.m. | 5 views

CVE-2025-5289

creationtimestamp | type | source
---|---|---
2025-06-21 11:43:13+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/19113
2025-06-21 13:48:47+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3ls4oyhx4fm2i...

CVSS 6.4 | AI score 4.8 | EPSS 0.00176
Exploits 0 | References 2

Vulnrichment
added 2025/06/21 11:9 a.m. | 3 views

CVE-2025-5289 3D FlipBook - Lite Edition <= 1.16.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via style and mode Parameters

The 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ and 'mode' parameters in all versions up to, and including, 1.16.15 due to insufficient input sanitization and output escaping. This makes ...

CVSS 6.4 | AI score 5.8 | EPSS 0.00176
Exploits 0 | References 5

Cvelist
added 2025/06/21 11:9 a.m. | 6 views

CVE-2025-5289 3D FlipBook - Lite Edition <= 1.16.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via style and mode Parameters

The 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ and 'mode' parameters in all versions up to, and including, 1.16.15 due to insufficient input sanitization and output escaping. This makes ...

CVSS 6.4 | EPSS 0.00176
Exploits 0 | References 5

RedhatCVE
added 2025/05/22 5:42 p.m. | 2 views

CVE-2020-5289

In Elide before 4.5.14, it is possible for an adversary to "guess and check" the value of a model field they do not have access to assuming they can read at least one other field in the model. The adversary can construct filter expressions for an inaccessible field to filter a collection. The...

CVSS 6.8 | AI score 6.7 | EPSS 0.00323
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 1:54 a.m. | 5 views

CVE-2011-5289

The SaveDecrypted method in the ChilkatCrypt2.ChilkatOmaDrm.1 ActiveX control in ChilkatCrypt2.dll in aTube Catcher 2.3.570 allows remote attackers to write to arbitrary files via a pathname in the argument...

CVSS 6.4 | AI score 7.2 | EPSS 0.03932
Exploits 1 | References 1

Tenable Nessus
added 2025/05/07 12:0 a.m. | 7 views

RockyLinux 8 : mod_auth_openidc:2.3 (RLSA-2024:5289)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:5289 advisory. mod_auth_openidc: DoS when using OIDCSessionType client-cookie and manipulating cookies CVE-2024-24814 Tenable has extracted the preceding description block directl...

CVSS 7.5 | AI score 6.6 | EPSS 0.00189
Exploits 1 | References 3

OSV
added 2025/01/30 8:7 a.m. | 8 views

CGA-755C-5289-C3XJ

Bulletin has no description...

CVSS 3.7 | AI score 5.6 | EPSS 0.0013
Exploits 0

Tenable Nessus
added 2024/08/14 12:0 a.m. | 19 views

Oracle Linux 8 : mod_auth_openidc:2.3 (ELSA-2024-5289)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-5289 advisory. cjose mod_auth_openidc 2.4.9.4-6 - Resolves: RHEL-36492 Race condition in mod_auth_openidc filecache - Resolves: RHEL-25421 mod_auth_openidc: DoS when using...

CVSS 7.5 | AI score 6.6 | EPSS 0.00189
Exploits 1 | References 2

Vulnrichment
added 2024/06/27 2:3 a.m. | 16 views

CVE-2024-5289 Gutenberg Blocks with AI by Kadence WP – Page Builder Features <= 3.2.42 - Authenticated (Contributor+) Stored Cross-Site Scripting in Google Maps Widget

The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Google Maps widget parameters in all versions up to, and including, 3.2.42 due to insufficient input sanitization and output escaping. This makes it possibl...

CVSS 6.4 | AI score 5.8 | EPSS 0.00254
Exploits 0 | References 3

Patchstack
added 2024/06/26 12:0 a.m. | 8 views

WordPress Gutenberg Blocks by Kadence Blocks Plugin <= 3.2.42 is vulnerable to Cross Site Scripting (XSS)

Software Gutenberg Blocks by Kadence Blocks Type Plugin Vulnerable versions = 3.2.42 Fixed in 3.2.43 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5289 Patch priority Low CVSS severity Low 6.5 Developer KadenceWP PSID ec00fb4a383b Credits wesley...

CVSS 6.4 | AI score 5.8 | EPSS 0.00254
Exploits 0 | References 3 | Affected Software 1

Circl
added 2024/02/14 8:51 a.m. | 0 views

CVE-2019-5289

creationtimestamp | type | source
---|---|---
2024-02-14 08:51:14+00:00 | seen | https://t.me/ctinow/184470...

CVSS 7.5 | AI score 7.3 | EPSS 0.00251
Exploits 0 | References 1

Circl
added 2023/09/29 6:37 p.m. | 0 views

CVE-2023-5289

creationtimestamp | type | source
---|---|---
2023-09-29 18:37:49+00:00 | seen | https://t.me/cibsecurity/71299...

CVSS 8.8 | AI score 7.2 | EPSS 0.00076
Exploits 1 | References 1

NVD
added 2023/09/29 2:15 p.m. | 11 views

CVE-2023-5289

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.4...

CVSS 8.8 | AI score 7.4 | EPSS 0.00076
Exploits 1 | References 2

CVE
added 2023/09/29 1:59 p.m. | 99 views

CVE-2023-5289

CVE-2023-5289 affects the rdiffweb project from ikus060, specifically versions prior to 2.8.4. The root issue is Allocation of Resources Without Limits or Throttling, leading to potential resource exhaustion. The known remediation is to upgrade to version 2.8.4 or later. Exploitation details are ...

CVSS 8.8 | AI score 7.8 | EPSS 0.00076
Exploits 1 | References 2 | Affected Software 1

Cvelist
added 2023/09/29 1:59 p.m. | 13 views

CVE-2023-5289 Allocation of Resources Without Limits or Throttling in ikus060/rdiffweb

Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.8.4...

CVSS 7.1 | AI score 9 | EPSS 0.00076
Exploits 1 | References 2

OpenVAS
added 2022/01/28 12:0 a.m. | 30 views

Mageia: Security Advisory (MGASA-2017-0323)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 | AI score 8 | EPSS 0.58393
Exploits 40 | References 8

OpenVAS
added 2021/11/08 12:0 a.m. | 29 views

Mozilla Firefox Security Advisory (MFSA2016-89) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

CVSS 9.8 | AI score 7.9 | EPSS 0.20609
Exploits 4 | References 21

OpenVAS
added 2021/06/09 12:0 a.m. | 18 views

SUSE: Security Advisory (SUSE-SU-2016:0677-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9 | AI score 7.8 | EPSS 0.10867
Exploits 1 | References 9