CVE-2026-5346

A vulnerability was determined in huimeicloud hmeditor up to 2.2.3. Impacted is the function client.get of the file src/mcp-server.js of the component image-to-base64 Endpoint. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the attac...

CVE-2026-5346

The CVE-2026-5346 entry affects huimeicloud hm_editor version up to 2.2.3. The vulnerability is in the image-to-base64 Endpoint, specifically the file src/mcp-server.js, in the function client.get. By manipulating the url argument, an attacker can trigger a server-side request forgery remotely. P...

CVE-2025-5346

creationtimestamp| type| source ---|---|--- 2025-07-17 15:02:05+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lu677endax2g...

CVE-2025-5346 File removal via path traversal in unsecured broadcast receiver in Bluebird barcode scanner application

Bluebird devices contain a pre-loaded barcode scanner application. This application exposes an unsecured broadcast receiver "kr.co.bluebird.android.bbsettings.BootReceiver". A local attacker can call the receiver to overwrite file containing ".json" keyword with default barcode config file. It is...

CVE-2025-5346

Bluebird devices expose an unsecured broadcast receiver (kr.co.bluebird.android.bbsettings.BootReceiver) in a pre-loaded barcode scanner app. A local attacker can call this receiver to overwrite a file containing the string ".json" with a default barcode config, due to lack of protection against ...

CGA-9J7V-5346-6PRQ

Bulletin has no description...

WordPress Flatsome Theme <= 3.18.7 is vulnerable to Cross Site Scripting (XSS)

Software Flatsome Type Theme Vulnerable versions = 3.18.7 Fixed in 3.19.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5346 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7e178a33c38d Credits wesley wcraft Required privile...

openSUSE: Security Advisory for chromium (openSUSE-SU-2023:0292-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 39 : chromium (2023-0b39dc9302)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-0b39dc9302 advisory. update to 118.0.5993.117. Security release for CVE-2023-5472 ---- Update to 118.0.5993.88 ---- Update to 118.0.5993.70. Include following security...

Fedora: Security Advisory for chromium (FEDORA-2023-8c9fd2a001)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 38 : chromium (2023-8c9fd2a001)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-8c9fd2a001 advisory. Update to 118.0.5993.70. Include following security fixes: - CVE-2023-5218: Use after free in Site Isolation. - CVE-2023-5487: Inappropriate...

Google Chrome Security Update (stable-channel-update-for-desktop-2023-10) - Windows

Google Chrome is prone to heap corruption vulnerability SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome";...

openSUSE 15 Security Update : chromium (openSUSE-SU-2023:0292-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2023:0292-1 advisory. - Type confusion in V8 in Google Chrome prior to 117.0.5938.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2023-5346

creationtimestamp| type| source ---|---|--- 2023-10-05 22:13:07+00:00| seen| https://t.me/cibsecurity/71678 2023-10-11 13:47:32+00:00| seen| https://t.me/truesecator/4951 2025-05-01 20:15:42+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/14384...

CVE-2023-5346

CVE-2023-5346 affects Google Chrome/Chromium’s V8 engine prior to 117.0.5938.149. A type confusion in V8 could allow a remote attacker to trigger heap corruption via a crafted HTML page, with high severity (CVSS 3.1: 8.8, network attack vector, user interaction required). Affected component is Ch...

CVE-2023-5346

Type confusion in V8 in Google Chrome prior to 117.0.5938.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

OPENSUSE-SU-2023:0292-1 Security update for chromium

This update for chromium fixes the following issues: Chromium 117.0.5938.149: CVE-2023-5346: Type Confusion in V8 boo1215924...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2023:0292-1 Rating: important References: 1215924 Cross-References: CVE-2023-5346 Affected Products: openSUSE Backports SLE-15-SP5 An update that fixes one vulnerability is now available. Description: This update...

Chromium: CVE-2023-5346 Type Confusion in V8

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

[SECURITY] [DSA 5515-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5515-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 04, 2023 https://www.debian.org/security/faq -...