OPENSUSE-SU-2026:20460-1 Security update for chromium

This update for chromium fixes the following issues: Changes in chromium: - Chromium 146.0.7680.177 boo1261249 CVE-2026-5273: Use after free in CSS CVE-2026-5272: Heap buffer overflow in GPU CVE-2026-5274: Integer overflow in Codecs CVE-2026-5275: Heap buffer overflow in ANGLE CVE-2026-5276:...

DEBIAN-CVE-2026-5290

Use after free in Compositing in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-5290

CVE-2026-5290 describes a use-after-free in Chrome’s Compositing (Blink/Chromium) prior to 146.0.7680.178. A remote attacker who compromises the renderer could potentially perform a sandbox escape via a crafted HTML page. The vulnerability affects Google Chrome; the cited update indicates a patch...

Linux Distros Unpatched Vulnerability : CVE-2026-5290

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Compositing in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform...

CVE-2026-5290

creationtimestamp| type| source ---|---|--- 2026-03-31 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0385/ 2026-04-01 06:06:07+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116327944482614052 2026-04-01 08:18:36+00:00| seen|...

MiracleLinux 4 : firefox-45.5.0-1.0.1.AXS4 (AXSA:2016-951:09)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-951:09 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...

MiracleLinux 7 : firefox-45.5.0-1.0.1.el7.AXS7 (AXSA:2016-946:08)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-946:08 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...

MiracleLinux 4 : thunderbird-45.5.0-1.AXS4 (AXSA:2016-1131:08)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2016-1131:08 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security issues fixed with this release: CVE-2016-5290 RESERVED This candidate has been reserv...

TencentOS Server 4: wpa_supplicant (TSSA-2024:1003)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1003 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVE-2025-5290

creationtimestamp| type| source ---|---|--- 2025-05-31 08:41:09+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqhdy4u7jou2 2025-05-31 11:57:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqhoym5ob62q...

CVE-2025-5290 Borderless – Elementor Addons and Templates <= 1.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Borderless – Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title’ parameter in all versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

CVE-2025-5290 Borderless – Elementor Addons and Templates <= 1.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Borderless – Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title’ parameter in all versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

WordPress Borderless – Elementor Addons and Templates plugin <= 1.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Robert DeVore in WordPress Plugin Borderless versions = 1.7.1...

Linux Distros Unpatched Vulnerability : CVE-2024-5290

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Ubuntu wpasupplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate...

OESA-2024-2142 wpa_supplicant security update

wpasupplicant is a WPA Supplicant for Linux, BSD, Mac OS X, and Windows with support for WPA and WPA2 IEEE 802.11i / RSN. It is suitable for both desktop/laptop computers and embedded systems. Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key...

CVE-2024-5290

A vulnerability was found in the wpasupplicant package. This flaw allows a local unprivileged user who is part of the netdev group to achieve privilege escalation to the same user running wpasupplicant typically root. Mitigation Mitigation for this issue is either not available or the currently...

CVE-2024-5290

creationtimestamp| type| source ---|---|--- 2024-08-07 11:57:12+00:00| seen| https://t.me/cvedetector/2676 2024-08-10 21:41:30+00:00| published-proof-of-concept| https://t.me/HackingInsights/9240 2025-02-05 10:00:06+00:00| published-proof-of-concept|...

CVE-2024-5290

An issue was discovered in Ubuntu wpasupplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpasupplicant runs as usually root. Membership in the netdev group or access to the dbus interface of...

BELL-CVE-2024-5290

Bulletin has no description...

[SECURITY] [DSA 5739-1] wpa security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5739-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 06, 2024 https://www.debian.org/security/faq -...