SUSE-SU-2026:1649-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issue: Update to Firefox Extended Support Release 140.10.0 ESR bsc1262230, MFSA 2026-32: - CVE-2026-6746: Use-after-free in the DOM: Core & HTML component. - CVE-2026-6747: Use-after-free in the WebRTC component. - CVE-2026-6748: Uninitialized...

CVE-2026-6750

creationtimestamp| type| source ---|---|--- 2026-04-21 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities20260422 2026-04-21 23:29:27+00:00| seen| Telegram/da4bvWuFIBZ1xbJCq39UTLrDihlERi1UO8pjihG32T1Z-BM 2026-04-22 02:01:20+00:00| seen|...

DEBIAN-CVE-2026-6750

Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

UBUNTU-CVE-2026-6750

Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

CVE-2026-6750 Privilege escalation in the Graphics: WebRender component

Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

Linux Distros Unpatched Vulnerability : CVE-2026-6750

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150,...

AlmaLinux 8 : gstreamer1-plugins-bad-free, gstreamer1-plugins-base, and gstreamer1-plugins-good (ALSA-2026:6750)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:6750 advisory. GStreamer: GStreamer: Arbitrary code execution via ASF file processing CVE-2026-2920 GStreamer: GStreamer: Remote Code Execution via heap-based buffer...

Oracle Linux 8 : gstreamer1-plugins-bad-free, / gstreamer1-plugins-base, / and / gstreamer1-plugins-good (ELSA-2026-6750)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-6750 advisory. - Add patch for CVE-2026-3082 Resolves: RHEL-156202 gstreamer1-plugins-base - Add patch for CVE-2026-2921 Resolves: RHEL-156169 gstreamer1-plugins-good...

OESA-2026-1007 hdf5 security update

HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...

CVE-2026-0707

A flaw was found in Keycloak. The Keycloak Authorization header parser is overly permissive regarding the formatting of the "Bearer" authentication scheme. It accepts non-standard characters such as tabs as separators and tolerates case variations that deviate from RFC 6750 specifications...

UBUNTU-CVE-2025-6750

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5Omtimenewencode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...

CVE-2025-6750

CVE-2025-6750 affects HDF5 1.14.6; the vulnerable component is H5O__mtime_new_encode in src/H5Omtime.c, where heap-based buffer overflow is triggered. Local access is required to exploit; exploitation has been disclosed publicly. No public details on vendor-specific remediation are provided in th...

CVE-2025-6750

A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. Affected by this issue is the function H5Omtimenewencode of the file src/H5Omtime.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the...

CVE-2006-6750

Format string vulnerability in XM Easy Personal FTP Server 5.0.1 allows remote attackers to cause a denial of service application crash via format string specifiers in a long PORT command. NOTE: this issue might be related to CVE-2006-2226...

Linux Distros Unpatched Vulnerability : CVE-2007-6750

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service daemon outage via partial HTTP requests, as demonstrated by Slowloris,...

CVE-2024-6750

creationtimestamp| type| source ---|---|--- 2024-07-24 05:46:46+00:00| seen| https://t.me/cvedetector/1536...

CVE-2024-6750 Social Auto Poster <= 5.3.14 - Missing Authorization via Multiple Functions

The Social Auto Poster plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.3.14. This makes it possible for unauthenticated attackers to add, modify, or delete pos...

CVE-2024-6750

The CVE-2024-6750 entry for the Social Auto Poster plugin (WordPress) is supported by multiple sources describing an unauthenticated flaw caused by missing capability checks in several functions through version 5.3.14, allowing an attacker to add, modify, or delete post meta and plugin options. P...

WordPress Social Auto Poster Plugin <= 5.3.14 is vulnerable to Broken Access Control

Software Social Auto Poster Type Plugin Vulnerable versions = 5.3.14 Fixed in 5.3.15 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-6750 Patch priority High CVSS severity High 7.3 Developer Claim ownership PSID e7a22665ac54 Credits István Márton Required...

CVE-2023-6750

creationtimestamp| type| source ---|---|--- 2024-01-13 00:41:11+00:00| seen| https://t.me/ctinow/167634 2026-04-09 04:41:17+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-6750.yaml 2026-04-10 21:03:06+00:00| seen|...