42 matches found
CVE-2026-5894 vulnerabilities
Vulnerabilities for packages: chromium...
Chromium: CVE-2026-5894 Inappropriate implementation in PDF
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
SUSE CVE-2026-5894
Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2026-5894
Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2026-5894
Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2026-5894
creationtimestamp| type| source ---|---|--- 2026-04-08 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260409 2026-04-12 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260413 2026-04-14...
CVE-2025-5894
Smart Parking Management System from Honding Technology has a Missing Authorization vulnerability, allowing remote attackers with regular privileges to access a specific functionality to create administrator accounts, and subsequently log into the system using those accounts...
CVE-2025-5894
Smart Parking Management System from Honding Technology has a Missing Authorization vulnerability, allowing remote attackers with regular privileges to access a specific functionality to create administrator accounts, and subsequently log into the system using those accounts...
CVE-2025-5894
creationtimestamp| type| source ---|---|--- 2025-06-09 08:01:10+00:00| seen| Telegram/8DD9EH1jjPgxFP-wN6j7n4FLGqxinvMMBZqqPnx2jljiLjs 2025-06-09 09:24:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lr62m4kusl2q...
CVE-2025-5894
CVE-2025-5894 affects Honding Technology’s Smart Parking Management System . The described issue is a Missing Authorization vulnerability that lets remote attackers with regular privileges access a specific function to create administrator accounts and then log in with those accounts. Public metr...
CVE-2025-5894 Honding Technology Smart Parking Management System - Missing Authorization
Smart Parking Management System from Honding Technology has a Missing Authorization vulnerability, allowing remote attackers with regular privileges to access a specific functionality to create administrator accounts, and subsequently log into the system using those accounts...
CVE-2025-5894 Honding Technology Smart Parking Management System - Missing Authorization
Smart Parking Management System from Honding Technology has a Missing Authorization vulnerability, allowing remote attackers with regular privileges to access a specific functionality to create administrator accounts, and subsequently log into the system using those accounts...
Debian: Security Advisory (DSA-5894-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-5894 SourceCodester Online Eyewear Shop manage_product.php sql injection
A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. This vulnerability affects unknown code of the file manageproduct.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to th...
CVE-2024-5894
CVE-2024-5894 affects SourceCodester Online Eyewear Shop 1.0, specifically the manage_product.php file. The vulnerability arises from manipulation of the id parameter, leading to SQL injection and enabling remote exploitation. Documents consistently describe a critical/high-severity issue with po...
CVE-2023-5894
creationtimestamp| type| source ---|---|--- 2023-11-01 06:37:42+00:00| seen| https://t.me/cibsecurity/73297...
CVE-2023-5894
CVE-2023-5894 affects PKP Open Journals System (OJS) prior to 3.3.0-16. The vulnerability is a stored XSS in the title handling of pkp/ojs, caused by improper escaping of characters. Impact stated as possible script injection in the affected site. Remediation: upgrade to version 3.3.0-16 or later...
SUSE CVE-2007-5894
The reply function in ftpd.c in the gssftp ftpd in MIT Kerberos 5 krb5 does not initialize the length variable when authtype has a certain value, which has unknown impact and remote authenticated attack vectors. NOTE: the original disclosure misidentifies the conditions under which the...
CVE-2020-5894
On versions 3.0.0-3.3.0, the NGINX Controller webserver does not invalidate the server-side session token after users log out...
CVE-2020-5894
On versions 3.0.0-3.3.0, the NGINX Controller webserver does not invalidate the server-side session token after users log out...