Lucene search
K

90 matches found

Wolfi
Wolfi
added 2026/07/01 2:16 p.m.4 views

CVE-2026-5291 vulnerabilities

Vulnerabilities for packages: chromium...

6.5CVSS6.6AI score0.00193EPSS
Exploits0
OSV
OSV
added 2026/04/03 6:9 a.m.2 views

OPENSUSE-SU-2026:20460-1 Security update for chromium

This update for chromium fixes the following issues: Changes in chromium: - Chromium 146.0.7680.177 boo1261249 CVE-2026-5273: Use after free in CSS CVE-2026-5272: Heap buffer overflow in GPU CVE-2026-5274: Integer overflow in Codecs CVE-2026-5275: Heap buffer overflow in ANGLE CVE-2026-5276:...

9.6CVSS6.3AI score0.05036EPSS
Exploits0References22
Microsoft CVE
Microsoft CVE
added 2026/04/03 1:46 a.m.8 views

Chromium: CVE-2026-5291 Inappropriate implementation in WebGL

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.8AI score0.00193EPSS
Exploits0
OSV
OSV
added 2026/04/01 5:16 a.m.3 views

DEBIAN-CVE-2026-5291

Inappropriate implementation in WebGL in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.2AI score0.00193EPSS
Exploits0References1
NVD
NVD
added 2026/04/01 5:16 a.m.8 views

CVE-2026-5291

Inappropriate implementation in WebGL in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00193EPSS
Exploits0References2
CVE
CVE
added 2026/04/01 4:41 a.m.38 views

CVE-2026-5291

CVE-2026-5291 corresponds to an Inappropriate implementation in WebGL in Google Chrome (Chromium) prior to 146.0.7680.178, allowing remote attackers to obtain potentially sensitive data from process memory via a crafted HTML page. Connected documents confirm the affected product is Google Chrome/...

6.5CVSS5.9AI score0.00193EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-5291

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in WebGL in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from proces...

6.5CVSS6AI score0.00193EPSS
Exploits0References2
Circl
Circl
added 2026/03/31 5:0 p.m.8 views

CVE-2026-5291

creationtimestamp| type| source ---|---|--- 2026-03-31 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0385/ 2026-04-01 08:04:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3miga5twbwl25 2026-04-01 18:00:00+00:00| seen|...

6.5CVSS6.5AI score0.00193EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

MiracleLinux 4 : firefox-45.5.0-1.0.1.AXS4 (AXSA:2016-951:09)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-951:09 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...

9.8CVSS7.5AI score0.12416EPSS
Exploits4References7
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

MiracleLinux 7 : firefox-45.5.0-1.0.1.el7.AXS7 (AXSA:2016-946:08)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-946:08 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...

9.8CVSS7.5AI score0.12416EPSS
Exploits4References7
Circl
Circl
added 2025/06/17 11:38 a.m.18 views

CVE-2025-5291

creationtimestamp| type| source ---|---|--- 2025-06-17 11:38:25+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18577 2025-06-17 16:01:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrsujxd36h2a...

6.4CVSS4.8AI score0.00218EPSS
Exploits0References2
CVE
CVE
added 2025/06/17 11:23 a.m.43 views

CVE-2025-5291

CVE-2025-5291 concerns the WordPress plugin Master Slider – Responsive Touch Slider. The vulnerability is a Stored Cross-Site Scripting (XSS) in versions up to 3.10.8, triggered via user-supplied attributes in the masterslider_pb and ms_slide shortcodes. Exploitation requires authenticated access...

6.4CVSS5.7AI score0.00218EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2025/06/17 11:23 a.m.18 views

CVE-2025-5291 Master Slider <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via masterslider_pb and ms_slide Shortcodes

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mastersliderpb and msslide shortcodes in all versions up to, and including, 3.10.8 due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS0.00218EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/06/17 11:23 a.m.5 views

CVE-2025-5291 Master Slider <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via masterslider_pb and ms_slide Shortcodes

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mastersliderpb and msslide shortcodes in all versions up to, and including, 3.10.8 due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS5.9AI score0.00218EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/22 1:54 a.m.20 views

CVE-2011-5291

The SaveData method in the Cygnicon.ViewControl.1 ActiveX control in CyViewer.ocx in Ashampoo 3D CAD Professional 3.x before 3.0.2 allows remote attackers to write to arbitrary files via a pathname in the first argument...

6.4CVSS7.2AI score0.01229EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/08/14 12:0 a.m.27 views

Oracle Linux 8 : grafana (ELSA-2024-5291)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5291 advisory. 9.2.10-17 - Allow for mssql datasource in selinux policy - Resolves RHEL-43435 Tenable has extracted the preceding description block directly from the...

9.8CVSS7.5AI score0.01952EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/08/14 12:0 a.m.28 views

RHEL 8 : grafana (RHSA-2024:5291)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5291 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: net:...

9.8CVSS7.6AI score0.01952EPSS
Exploits0References10
NVD
NVD
added 2024/05/23 10:15 p.m.30 views

CVE-2024-5291

D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Authentication is not required to exploit this vulnerability. The...

8.8CVSS9.2AI score0.01966EPSS
Exploits0References1
Circl
Circl
added 2024/03/12 10:11 a.m.6 views

CVE-2019-5291

creationtimestamp| type| source ---|---|--- 2024-03-12 10:11:42+00:00| seen| https://t.me/ctinow/205449...

5.9CVSS5.8AI score0.00358EPSS
Exploits0References1
NVD
NVD
added 2023/10/04 2:15 a.m.20 views

CVE-2023-5291

The Blog Filter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'AWL-BlogFilter' shortcode in versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

6.4CVSS5.7AI score0.0044EPSS
Exploits0References3
Rows per page
Query Builder