CVE-2026-7948

A race flaw was found in the Chromoting component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496193452...

Chromium: CVE-2026-7948 Race in Chromoting

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Linux Distros Unpatched Vulnerability : CVE-2026-7948

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. Chromium...

CVE-2026-7948

Race in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: Medium...

CVE-2026-7948

creationtimestamp| type| source ---|---|--- 2026-05-06 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260507 2026-05-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260508...

MAL-2025-7948 Malicious code in @frozen-team-qa/axios-client (npm)

The package @frozen-team-qa/axios-client was found to contain malicious code...

CVE-2025-7948

A vulnerability classified as problematic was found in jshERP up to 3.5. Affected by this vulnerability is an unknown functionality of the file /jshERP-boot/user/updatePwd. The manipulation leads to weak password recovery. The attack can be launched remotely. The exploit has been disclosed to the...

CVE-2025-7948 jshERP updatePwd password recovery

A vulnerability classified as problematic was found in jshERP up to 3.5. Affected by this vulnerability is an unknown functionality of the file /jshERP-boot/user/updatePwd. The manipulation leads to weak password recovery. The attack can be launched remotely. The exploit has been disclosed to the...

CVE-2025-7948

CVE-2025-7948 affects jshERP up to version 3.5. The vulnerability is due to a weakness in the handling of the file /jshERP-boot/user/updatePwd, leading to weak password recovery. It can be exploited remotely and the exploit has been publicly disclosed. Affected versions are up to 3.5; remediation...

CVE-2020-7948

An issue was discovered in the Login by Auth0 plugin before 4.0.0 for WordPress. A user can perform an insecure direct object reference...

Linux Distros Unpatched Vulnerability : CVE-2016-7948

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging mishandling of reply data. CVE-2016-7948 Note that...

CVE-2024-7948

creationtimestamp| type| source ---|---|--- 2024-08-20 04:34:47+00:00| seen| https://t.me/cvedetector/3582...

SUSE CVE-2014-7948

The AppCacheUpdateJob::URLFetcher::OnResponseStarted function in content/browser/appcache/appcacheupdatejob.cc in Google Chrome before 40.0.2214.91 proceeds with AppCache caching for SSL sessions even if there is an X.509 certificate error, which allows man-in-the-middle attackers to spoof HTML5...

SUSE CVE-2017-7948

Integer overflow in the markcurve function in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service out-of-bounds write and application crash or possibly have unspecified other impact via a crafted PostScript document...

Ubuntu: Security Advisory (USN-5428-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5428-1 libxrandr vulnerabilities

Tobias Stoeckmann discovered that libXrandr incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. CVE-2016-7947, CVE-2016-7948...

Slackware: Security Advisory (SSA:2016-305-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2018-0011)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:3189-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2505-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...