Fedora 42 : chromium (2026-3675ac2066)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3675ac2066 advisory. Update to 147.0.7727.101 Critical CVE-2026-6296: Heap buffer overflow in ANGLE Critical CVE-2026-6297: Use after free in Proxy Critical CVE-2026-629...

Security update for chromium (critical)

openSUSE security update: security update for chromium ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20588-1 Rating: critical References: bsc1262174 Cross-References: CVE-2026-6296 CVE-2026-6297 CVE-2026-6298 CVE-2026-6299 CVE-2026-6300...

SUSE CVE-2026-6318

Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-6318

An use after free flaw was found in the Codecs component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=495996858...

DEBIAN-CVE-2026-6318

Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-6318

Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-6318

Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

Linux Distros Unpatched Vulnerability : CVE-2026-6318

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

EUVD-2025-32495

A weakness has been identified in Tenda AC18 15.03.05.196318. This affects an unknown part of the file /goform/WifiMacFilterSet. Executing manipulation of the argument wifichkHz can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been made available t...

CVE-2025-11325

A security flaw has been discovered in Tenda AC18 15.03.05.196318. Affected by this issue is some unknown functionality of the file /goform/fastsettingpppoeset. Performing a manipulation of the argument Username results in stack-based buffer overflow. The attack is possible to be carried out...

NewStart CGSL MAIN 6.06 : cracklib Vulnerability (NS-SA-2025-0214)

The remote NewStart CGSL host, running version MAIN 6.06, has cracklib packages installed that are affected by a vulnerability: - Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service application crash or gain...

CVE-2025-6318

creationtimestamp| type| source ---|---|--- 2025-06-20 07:44:58+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18910 2025-06-20 09:02:03+00:00| published-proof-of-concept| Telegram/rPH5h3FNLTWLLOli363EyEFrBKEOUgqhzP2V7bQFlK5dAc 2025-06-20 10:21:30+00:00| seen|...

CVE-2025-6318 PHPGurukul Pre-School Enrollment System check_availability.php sql injection

A vulnerability classified as critical was found in PHPGurukul Pre-School Enrollment System 1.0. This vulnerability affects unknown code of the file /admin/checkavailability.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit ha...

Linux Distros Unpatched Vulnerability : CVE-2017-6318

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANENETCONTROLOPTION packet. CVE-2017-6318 Note that...

CVE-2020-6318

A Remote Code Execution vulnerability exists in the SAP NetWeaver ABAP Server, up to release 7.40 and ABAP Platform release 7.40.Because of this, an attacker can exploit these products via Code Injection, and potentially enabling to take complete control of the products, including viewing,...

CVE-2024-6318

The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'uploadimgfile' function in all versions up to, and including, 2.3.10. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload...

CVE-2024-6318

The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'uploadimgfile' function in all versions up to, and including, 2.3.10. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload...

CVE-2024-6318 IMGspider <= 2.3.10 - Authenticated (Contributor+) Arbitrary File Upload via 'upload_img_file'

The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'uploadimgfile' function in all versions up to, and including, 2.3.10. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload...

CVE-2024-6318

CVE-2024-6318 affects IMGspider – 图片采集抓取插件 for WordPress. A missing file type validation in upload_img_file allows authenticated attackers (contributor+ required) to upload arbitrary files to the server, with potential remote code execution. The vulnerability exists in versions up to 2.3.10 and h...

CVE-2024-6318 IMGspider <= 2.3.10 - Authenticated (Contributor+) Arbitrary File Upload via 'upload_img_file'

The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'uploadimgfile' function in all versions up to, and including, 2.3.10. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload...