CVE-2026-5906 vulnerabilities

Vulnerabilities for packages: chromium...

Chromium: CVE-2026-5906 Incorrect security UI in Omnibox

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-5906

An incorrect security ui flaw was found in the Omnibox component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=484082189...

Linux Distros Unpatched Vulnerability : CVE-2026-5906

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect security UI in Omnibox in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a...

CVE-2026-5906

creationtimestamp| type| source ---|---|--- 2026-04-08 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260409 2026-04-12 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260413 2026-04-14...

CVE-2025-5906

A vulnerability classified as critical has been found in code-projects Laundry System 1.0. This affects an unknown part of the file /data/. The manipulation leads to missing authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be use...

CVE-2023-5906

The Job Manager & Career WordPress plugin before 1.4.4 contains a vulnerability in the Directory Listings system, which allows an unauthorized user to view and download private files of other users. This vulnerability poses a serious security threat because it allows an attacker to gain access to...

CVE-2020-5906

In versions 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, the BIG-IP system does not properly enforce the access controls for the scp.blacklist files. This allows Admin and Resource Admin users with Secure Copy SCP protocol access to read and overwrite blacklisted files via SCP...

CVE-2024-5906 Prisma Cloud Compute: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface

A cross-site scripting XSS vulnerability in Palo Alto Networks Prisma Cloud Compute software enables a malicious administrator with add/edit permissions for identity providers to store a JavaScript payload using the web interface on Prisma Cloud Compute. This enables a malicious administrator to...

MAL-2024-707 Malicious code in wlwz-2312-5906 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d493de2ab123f058c0e83e6f4967fc3ba42f5c91263eec624060b1078f0ffe1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-5906

The Job Manager & Career WordPress plugin before 1.4.4 contains a vulnerability in the Directory Listings system, which allows an unauthorized user to view and download private files of other users. This vulnerability poses a serious security threat because it allows an attacker to gain access to...

CVE-2023-5906

CVE-2023-5906 affects the Job Manager & Career WordPress plugin (versions before 1.4.4). The issue stems from the Directory Listings system, allowing unauthenticated users to view and download private files belonging to other users, exposing confidential data. The CVE entry notes high impact (CVE...

CVE-2023-5906 Job Manager & Career < 1.4.4 - Directory listing to Sensitive Data Exposure

The Job Manager & Career WordPress plugin before 1.4.4 contains a vulnerability in the Directory Listings system, which allows an unauthorized user to view and download private files of other users. This vulnerability poses a serious security threat because it allows an attacker to gain access to...

WordPress Job Manager & Career Plugin < 1.4.4 is vulnerable to Sensitive Data Exposure

Software Job Manager & Career Type Plugin Vulnerable versions 1.4.4 Fixed in 1.4.4 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-5906 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 4d36f550a2ca Credits Dmitrii Ignatyev Requir...

Ubuntu 20.04 LTS / 22.04 LTS : PostgreSQL vulnerability (USN-5906-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5906-1 advisory. Jacob Champion discovered that the PostgreSQL client incorrectly handled Kerberos authentication. If a user or automated system were tricked into...

K82518062: BIG-IP SCP vulnerability CVE-2020-5906

Security Advisory Description The BIG-IP system does not properly enforce the access controls for the scp.blacklist files. This allows Admin and Resource Admin users with Secure Copy SCP protocol access to read and overwrite blacklisted files via SCP. CVE-2020-5906 Note : F5 is working to elimina...

Oracle Linux 7 : containerd (ELSA-2020-5906)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-5906 advisory. - Addresses CVE-2020-15157 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not test...

CVE-2020-5906

In versions 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, the BIG-IP system does not properly enforce the access controls for the scp.blacklist files. This allows Admin and Resource Admin users with Secure Copy SCP protocol access to read and overwrite blacklisted files via SCP...

CVE-2020-5906

CVE-2020-5906 affects F5 BIG-IP: versions 13.1.0–13.1.3.3, 12.1.0–12.1.5.2, and 11.6.1–11.6.5.2. The root issue is improper enforcement of access controls on scp.blacklist files, allowing Admin/Resource Admin users with SCP access to read and overwrite blacklisted files. Remediation per the sourc...

CVE-2008-5906

Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts...