Fedora 42 : chromium (2026-3675ac2066)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3675ac2066 advisory. Update to 147.0.7727.101 Critical CVE-2026-6296: Heap buffer overflow in ANGLE Critical CVE-2026-6297: Use after free in Proxy Critical CVE-2026-629...

Security update for chromium (critical)

openSUSE security update: security update for chromium ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20588-1 Rating: critical References: bsc1262174 Cross-References: CVE-2026-6296 CVE-2026-6297 CVE-2026-6298 CVE-2026-6299 CVE-2026-6300...

CVE-2026-6307 vulnerabilities

Vulnerabilities for packages: chromium...

Chromium: CVE-2026-6307 Type Confusion in Turbofan

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

DEBIAN-CVE-2026-6307

Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-6307

Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-6307

Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-6307

Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-6307

Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-6307

creationtimestamp| type| source ---|---|--- 2026-04-15 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260416 2026-04-15 22:00:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjkvg6qnoi2w 2026-04-15 23:26:54+00:00|...

Debian: Security Advisory (DSA-6075-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-4358-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-6307

creationtimestamp| type| source ---|---|--- 2025-06-20 05:31:23+00:00| published-proof-of-concept| Telegram/RCziIp2TL0t2b-zyhFYwscwIJp40Q5gWdwvBAm2lFwgg 2025-06-20 05:43:50+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18909 2025-06-20 07:47:41+00:00| seen|...

CVE-2025-6307

A vulnerability was found in code-projects Online Shoe Store 1.0. It has been rated as critical. This issue affects some unknown processing of the file /function/editcustomer.php. The manipulation of the argument firstname leads to sql injection. The attack may be initiated remotely. The exploit...

CVE-2025-6307

CVE-2025-6307 affects code-projects Online Shoe Store 1.0. Multiple sources describe a SQL injection in the edit_customer.php flow triggered by the firstname parameter, with remote feasibility and public disclosure. CNVD/CNNVD detail the vulnerability from lack of input validation in /function/ed...

CVE-2025-6307 code-projects Online Shoe Store edit_customer.php sql injection

A vulnerability was found in code-projects Online Shoe Store 1.0. It has been rated as critical. This issue affects some unknown processing of the file /function/editcustomer.php. The manipulation of the argument firstname leads to sql injection. The attack may be initiated remotely. The exploit...

CVE-2020-6307

Automated Note Search Tool update provided in SAP Basis 7.0, 7.01, 7.02, 7.31, 7.4, 7.5, 7.51, 7.52, 7.53 and 7.54 does not perform sufficient authorization checks leading to the reading of sensitive information...

Siemens SCALANCE X-200RNA Switch Devices Uncontrolled Resource Consumption (CVE-2016-6307)

The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service memory consumption via crafted TLS messages, related to statem/statem.c and statem/statemlib.c. This plugin onl...

WordPress Multiple Vulnerabilities (Jun 2024) - Windows

WordPress is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescripti...

CVE-2024-6307 WordPress Core < 6.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML API

WordPress Core is vulnerable to Stored Cross-Site Scripting via the HTML API in various versions prior to 6.5.5 due to insufficient input sanitization and output escaping on URLs. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web...