CVE-2026-5902 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-5902 vulnerabilities

Vulnerabilities for packages: chromium...

Linux Distros Unpatched Vulnerability : CVE-2026-5902

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race in Media in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to corrupt media stream...

CVE-2026-5902

Race in Media in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to corrupt media stream metadata via a crafted HTML page. Chromium security severity: Low...

CVE-2026-5902

Race in Media in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to corrupt media stream metadata via a crafted HTML page. Chromium security severity: Low...

CVE-2026-5902

creationtimestamp| type| source ---|---|--- 2026-04-08 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260409 2026-04-12 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260413 2026-04-13...

Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager

F5 BIG-IP TMUI Remote Code Execution Vulnerability CVE-2020-5...

📄 F5 BIG-IP TMUI Unauthenticated Remote Code Execution

This Metasploit module exploits a directory traversal vulnerability in the F5 BIG-IP TMUI interface that allows unauthenticated attackers to execute arbitrary system commands via tmshCmd.jsp...

CVE-2025-5902

creationtimestamp| type| source ---|---|--- 2025-06-09 23:32:50+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17807 2025-06-10 01:43:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lr7re226js2k...

CVE-2025-5902 TOTOLINK T10 POST Request cstecgi.cgi setUpgradeFW buffer overflow

A vulnerability was found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This issue affects the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument slaveIpList leads to buffer overflow. The attack may be initiate...

CVE-2025-5902

The CVE-2025-5902 entry concerns TOTOLINK T10 firmware version 4.1.8cu.5207. The vulnerability lies in the POST Request Handler’s setUpgradeFW function, specifically in processing the slaveIpList parameter in /cgi-bin/cstecgi.cgi, where a buffer overflow can be triggered. Publicly disclosed explo...

CVE-2023-5902

Cross-Site Request Forgery CSRF in GitHub repository pkp/pkp-lib prior to 3.3.0-16...

CVE-2020-5902

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface TMUI, also referred to as the Configuration utility, has a Remote Code Execution RCE vulnerability in undisclosed pages...

Debian: Security Advisory (DSA-5902-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AWS VDP: CVE-2020-5902

CVE ID: CVE-2020-5902 Description: Affected Product: F5 BIG-IP Traffic Management User Interface TMUI Severity: Critical CVSS Score: 9.8 Description: Remote Code Execution RCE vulnerability in undisclosed pages of the TMUI CVE-2020-5902 is a critical vulnerability affecting the BIG-IP Traffic...

CVE-2024-5902

creationtimestamp| type| source ---|---|--- 2024-07-13 01:18:00+00:00| seen| https://t.me/cvedetector/787...

CVE-2024-5902 UserFeedback Lite <= 1.0.15 - Unauthenticated Stored Cross-Site Scripting via Name Parameter

The User Feedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the name parameter in all versions up to, and including, 1.0.15 due to insufficient input sanitization and output escaping. This makes it...

WordPress User Feedback Plugin <= 1.0.15 is vulnerable to Cross Site Scripting (XSS)

Software User Feedback Type Plugin Vulnerable versions = 1.0.15 Fixed in 1.0.16 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5902 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8c5b5ac635dc Credits zer0gh0st Required...

MAL-2024-703 Malicious code in wlwz-2312-5902 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4983584ac611c393e81df819cf9a99ac76b3efe4d53e86cad6af5b1711614fa4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in wlwz-2312-5902 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4983584ac611c393e81df819cf9a99ac76b3efe4d53e86cad6af5b1711614fa4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...