Fedora 42 : chromium (2026-3675ac2066)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3675ac2066 advisory. Update to 147.0.7727.101 Critical CVE-2026-6296: Heap buffer overflow in ANGLE Critical CVE-2026-6297: Use after free in Proxy Critical CVE-2026-629...

Security update for chromium (critical)

openSUSE security update: security update for chromium ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20588-1 Rating: critical References: bsc1262174 Cross-References: CVE-2026-6296 CVE-2026-6297 CVE-2026-6298 CVE-2026-6299 CVE-2026-6300...

CVE-2026-6313 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-6313 vulnerabilities

Vulnerabilities for packages: chromium...

SUSE CVE-2026-6313

Insufficient policy enforcement in CORS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

CVE-2026-6313

Insufficient policy enforcement in CORS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

CVE-2026-6313

creationtimestamp| type| source ---|---|--- 2026-04-15 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260416 2026-04-19 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260420 2026-04-27...

Linux Distros Unpatched Vulnerability : CVE-2026-6313

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in CORS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak...

MiracleLinux 7 : libgcrypt-1.5.3-13.el7.1 (AXSA:2016-862:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-862:01 advisory. Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version. Security issues fixed with this...

MiracleLinux 4 : libgcrypt-1.4.5-12.AXS4 (AXSA:2016-863:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-863:01 advisory. Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version. Security issues fixed with this...

CVE-2025-6313

A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /pages/catadd.php. The manipulation of the argument Category leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2025-6313 Campcodes Sales and Inventory System cat_add.php sql injection

A vulnerability was found in Campcodes Sales and Inventory System 1.0 and classified as critical. This issue affects some unknown processing of the file /pages/catadd.php. The manipulation of the argument Category leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVE-2020-6313

SAP NetWeaver Application Server JAVAXML Forms versions 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user controlled inputs, which allows an authenticated User with special roles to store malicious content, that when accessed by a victim, can perform malicious actions by executing...

CVE-2018-6313

Cross-site scripting XSS in WBCE CMS 1.3.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the Modify Page screen, a different issue than CVE-2017-2118...

CVE-2012-6313

simple-gmail-login.php in the Simple Gmail Login plugin before 1.1.4 for WordPress allows remote attackers to obtain sensitive information via a request that lacks a timezone, leading to disclosure of the installation path in a stack trace...

Linux Distros Unpatched Vulnerability : CVE-2017-6313

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer underflow in the loadresources function in io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service out-of-bounds read an...

CVE-2024-6313

The Gutenberg Forms plugin for WordPress is vulnerable to arbitrary file uploads due to the users can specify the allowed file types in the 'upload' function in versions up to, and including, 2.2.9. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...

RHEL 9 : kpatch-patch-5_14_0-284_52_1 and kpatch-patch-5_14_0-284_79_1 (RHSA-2024:6313)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6313 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch...

CVE-2024-6313

creationtimestamp| type| source ---|---|--- 2024-07-09 10:59:30+00:00| seen| https://t.me/cvedetector/269 2024-08-30 06:52:02+00:00| published-proof-of-concept| https://t.me/codeb0ss/1554 2024-08-31 12:29:12+00:00| published-proof-of-concept|...

CVE-2024-6313

The Gutenberg Forms plugin for WordPress is vulnerable to arbitrary file uploads due to the users can specify the allowed file types in the 'upload' function in versions up to, and including, 2.2.9. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...