90 matches found
CVE-2026-5291 vulnerabilities
Vulnerabilities for packages: chromium...
OPENSUSE-SU-2026:20460-1 Security update for chromium
This update for chromium fixes the following issues: Changes in chromium: - Chromium 146.0.7680.177 boo1261249 CVE-2026-5273: Use after free in CSS CVE-2026-5272: Heap buffer overflow in GPU CVE-2026-5274: Integer overflow in Codecs CVE-2026-5275: Heap buffer overflow in ANGLE CVE-2026-5276:...
Chromium: CVE-2026-5291 Inappropriate implementation in WebGL
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
DEBIAN-CVE-2026-5291
Inappropriate implementation in WebGL in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-5291
Inappropriate implementation in WebGL in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-5291
CVE-2026-5291 corresponds to an Inappropriate implementation in WebGL in Google Chrome (Chromium) prior to 146.0.7680.178, allowing remote attackers to obtain potentially sensitive data from process memory via a crafted HTML page. Connected documents confirm the affected product is Google Chrome/...
Linux Distros Unpatched Vulnerability : CVE-2026-5291
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in WebGL in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from proces...
CVE-2026-5291
creationtimestamp| type| source ---|---|--- 2026-03-31 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0385/ 2026-04-01 08:04:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3miga5twbwl25 2026-04-01 18:00:00+00:00| seen|...
MiracleLinux 4 : firefox-45.5.0-1.0.1.AXS4 (AXSA:2016-951:09)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-951:09 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...
MiracleLinux 7 : firefox-45.5.0-1.0.1.el7.AXS7 (AXSA:2016-946:08)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-946:08 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...
CVE-2025-5291
creationtimestamp| type| source ---|---|--- 2025-06-17 11:38:25+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18577 2025-06-17 16:01:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrsujxd36h2a...
CVE-2025-5291
CVE-2025-5291 concerns the WordPress plugin Master Slider – Responsive Touch Slider. The vulnerability is a Stored Cross-Site Scripting (XSS) in versions up to 3.10.8, triggered via user-supplied attributes in the masterslider_pb and ms_slide shortcodes. Exploitation requires authenticated access...
CVE-2025-5291 Master Slider <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via masterslider_pb and ms_slide Shortcodes
The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mastersliderpb and msslide shortcodes in all versions up to, and including, 3.10.8 due to insufficient input sanitization and output escaping on user supplied attributes...
CVE-2025-5291 Master Slider <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via masterslider_pb and ms_slide Shortcodes
The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mastersliderpb and msslide shortcodes in all versions up to, and including, 3.10.8 due to insufficient input sanitization and output escaping on user supplied attributes...
CVE-2011-5291
The SaveData method in the Cygnicon.ViewControl.1 ActiveX control in CyViewer.ocx in Ashampoo 3D CAD Professional 3.x before 3.0.2 allows remote attackers to write to arbitrary files via a pathname in the first argument...
Oracle Linux 8 : grafana (ELSA-2024-5291)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5291 advisory. 9.2.10-17 - Allow for mssql datasource in selinux policy - Resolves RHEL-43435 Tenable has extracted the preceding description block directly from the...
RHEL 8 : grafana (RHSA-2024:5291)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5291 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: net:...
CVE-2024-5291
D-Link DIR-2150 GetDeviceSettings Target Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Authentication is not required to exploit this vulnerability. The...
CVE-2019-5291
creationtimestamp| type| source ---|---|--- 2024-03-12 10:11:42+00:00| seen| https://t.me/ctinow/205449...
CVE-2023-5291
The Blog Filter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'AWL-BlogFilter' shortcode in versions up to, and including, 1.5.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...