CVE-2026-5864 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-5864 vulnerabilities

Vulnerabilities for packages: chromium...

Chromium: CVE-2026-5864 Heap buffer overflow in WebAudio

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-5864

A heap buffer overflow flaw was found in the WebAudio component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=490642831...

CVE-2026-5864

Heap buffer overflow in WebAudio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

CVE-2026-5864

creationtimestamp| type| source ---|---|--- 2026-04-08 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260409 2026-04-12 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260413 2026-04-14...

CGA-2H9P-9X34-5864

Bulletin has no description...

CVE-2024-5864

The Easy Affiliate Links plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the eaflresetsettings AJAX action in all versions up to, and including, 3.7.3. This makes it possible for authenticated attackers, with Subscriber-level access and...

CVE-2024-5864 Easy Affiliate Links <= 3.7.3 - Missing Authorization to Authenticated (Subscriber+) Settings Reset

The Easy Affiliate Links plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the eaflresetsettings AJAX action in all versions up to, and including, 3.7.3. This makes it possible for authenticated attackers, with Subscriber-level access and...

WordPress Easy Affiliate Links Plugin <= 3.7.3 is vulnerable to Broken Access Control

Software Easy Affiliate Links Type Plugin Vulnerable versions = 3.7.3 Fixed in 3.7.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5864 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 72170cb45e64 Credits Lucio Sá Required privile...

CVE-2023-5864

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.1...

CVE-2023-5864

CVE-2023-5864 concerns a Cross-site Scripting (XSS) vulnerability in phpMyFAQ (Thorsten/phpMyFAQ). Affected software is phpMyFAQ versions prior to 3.2.1 (some sources reference 3.2.1/3.2.2 as thresholds). The issue is stored XSS via user-controllable input that is stored and later rendered to oth...

CVE-2023-5864 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.1...

CVE-2023-5864 Cross-site Scripting (XSS) - Stored in thorsten/phpmyfaq

Cross-site Scripting XSS - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.1...

RHEL 8 : grafana (RHSA-2023:5864)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:5864 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: golan...

K27205552: NGINX Controller vulnerability CVE-2020-5864

Security Advisory Description Communication between NGINX Controller and NGINX Plus instances skip TLS verification by default. CVE-2020-5864 Impact This vulnerability enables a man-in-the-middle MITM attack that can intercept the communication channel and read/modify data in transit. Security...

SUSE CVE-2019-5864

Insufficient data validation in CORS in Google Chrome prior to 76.0.3809.87 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension...

Ubuntu 18.04 LTS / 20.04 LTS : Fig2dev vulnerabilities (USN-5864-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5864-1 advisory. Frederic Cambus discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a...

openSUSE: Security Advisory for chromium (openSUSE-SU-2019:1849-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2019-5864

Insufficient data validation in CORS in Google Chrome prior to 76.0.3809.87 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension...