CVE-2026-5880 vulnerabilities

Vulnerabilities for packages: chromium...

SUSE CVE-2026-5880

Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-5880

Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-5880

Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-5880

Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-5880

creationtimestamp| type| source ---|---|--- 2026-04-08 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260409 2026-04-12 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260413 2026-04-14...

CVE-2025-5880

creationtimestamp| type| source ---|---|--- 2025-06-09 15:08:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lr6ntepw2e2a 2026-04-23 19:00:11+00:00| published-proof-of-concept| Telegram/FrY9Ln1WDEhr5C7rGjfojNu1lRnf20MYdaUpc36iZR5uD0M 2026-04-23 21:00:04+00:00|...

CVE-2025-5880 Whistle get-temp-file path traversal

A vulnerability has been found in Whistle 2.9.98 and classified as problematic. This vulnerability affects unknown code of the file /cgi-bin/sessions/get-temp-file. The manipulation of the argument filename leads to path traversal. The exploit has been disclosed to the public and may be used. The...

CVE-2025-5880 Whistle get-temp-file path traversal

A vulnerability has been found in Whistle 2.9.98 and classified as problematic. This vulnerability affects unknown code of the file /cgi-bin/sessions/get-temp-file. The manipulation of the argument filename leads to path traversal. The exploit has been disclosed to the public and may be used. The...

CVE-2025-5880

CVE-2025-5880 affects Whistle 2.9.98. A path traversal flaw is triggered by manipulating the filename argument in /cgi-bin/sessions/get-temp-file. Exploit publicly disclosed; vendor unresponsive per sources. Practical mitigation from PT-2025-24440 suggests restricting access to the endpoint and a...

CVE-2020-5880

Om BIG-IP 15.0.0-15.0.1.3 and 14.1.0-14.1.2.3, the restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. Resulting error messages may also reveal internal paths of the server...

Oracle Demantra Database Credentials Leak

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Demantra Database Credentials Leak', 'Description' = %q This module exploits a database credentials leak found in Oracle Demantra 12.2.1 i...

WordPress Hide My Site Plugin <= 2.2 is vulnerable to Sensitive Data Exposure

Software Hide My Site Type Plugin Vulnerable versions = 2.2 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-5880 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID b33eb8bffc0d Credits Colin Xu Required privilege...

CVE-2019-5880

creationtimestamp| type| source ---|---|--- 2024-02-27 17:21:16+00:00| seen| https://t.me/ctinow/194629...

CVE-2023-5880

creationtimestamp| type| source ---|---|--- 2024-01-03 21:27:06+00:00| seen| https://t.me/ctinow/162601 2024-01-04 01:37:43+00:00| seen| https://t.me/cibsecurity/74342 2024-01-05 13:56:14+00:00| seen| https://t.me/arpsyndicate/2479 2024-01-23 22:31:36+00:00| seen| https://t.me/ctinow/172364...

CVE-2023-5880 Cross-site Scripting (XSS) injected into Aladdin Connect garage door opener (Retrofit-Kit) configuration setup webserver console via broadcast SSID name

When the Genie Company Aladdin Connect garage door opener Retrofit-Kit Model ALDCM is placed into configuration mode the web servers “Garage Door Control Module Setup” page is vulnerable to XSS via a broadcast SSID name containing malicious code with client side Java Script and/or HTML. This allo...

CVE-2023-5880

CVE-2023-5880 affects Genie Aladdin Connect Retrofit-Kit (Model ALDCM). When the device is in configuration mode, the web server page “Garage Door Control Module Setup” is vulnerable to cross-site scripting via a broadcast SSID name containing HTML/JavaScript, enabling injection of code into a us...

CVE-2023-5880 Cross-site Scripting (XSS) injected into Aladdin Connect garage door opener (Retrofit-Kit) configuration setup webserver console via broadcast SSID name

When the Genie Company Aladdin Connect garage door opener Retrofit-Kit Model ALDCM is placed into configuration mode the web servers “Garage Door Control Module Setup” page is vulnerable to XSS via a broadcast SSID name containing malicious code with client side Java Script and/or HTML. This allo...

Ubuntu: Security Advisory (USN-5880-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 18.04 LTS / 20.04 LTS : Firefox regressions (USN-5880-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5880-2 advisory. USN-5880-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the...