27 matches found
PT-2026-25743
microsoftupdate securityupdate Edge Microsoft Edge Stable Channel Version 146.0.3856.59 ・CVE-2025-0385 ・CVE-2026-3910 「The Chromium team reported that CVE-2026-3910 has an exploit in the wild, and this update contains a fix for it.」...
Chromium: CVE-2026-3910 Inappropriate implementation in V8
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2026-3910 exists in the wild...
About Remote Code Execution – Windows Shell (CVE-2026-21510) vulnerability
About Remote Code Execution - Windows Shell CVE-2026-21510 vulnerability. A vulnerability from the February Microsoft Patch Tuesday. The Windows Shell is the primary interface through which users interact with the Windows operating system. It includes visible elements such as the Desktop, Taskbar...
Patch Tuesday - January 2026
Microsoft is publishing 114 vulnerabilities this January 2026 Patch Tuesday. Today’s menu includes just one vulnerability marked as exploited in the wild, as well as two vulnerabilities where Microsoft is aware of public disclosure. There are no critical remote code execution or elevation of...
Security update for chromium (important)
openSUSE security update: security update for chromium ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20161-1 Rating: important References: bsc1254776 Cross-References: CVE-2025-14372 CVE-2025-14373 Affected Products: openSUSE Leap 16.0...
Gogs 0-Day Exploited in the Wild
Wiz Threat Research has observed exploitation in-the-wild of CVE-2025-8110...
Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability
Google on Monday released security updates for its Chrome browser to address two security flaws, including one that has come under active exploitation in the wild. The vulnerability in question is CVE-2025-13223 CVSS score: 8.8, a type confusion vulnerability in the V8 JavaScript and WebAssembly...
Chromium: CVE-2025-6558 Incorrect validation of untrusted input in ANGLE and GPU
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2025-6558 exists in the wild...
Chromium: CVE-2025-6554 Type Confusion in V8
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2025-6554 exists in the wild...
PT-2024-5630 · Microsoft · Windows Power Dependency Coordinator +1
Name of the Vulnerable Software and Affected Versions: Windows Power Dependency Coordinator affected versions not specified Description: The issue is related to the use of memory after it has been freed, which can allow an attacker to elevate their privileges. A successful exploit may allow for...
CVE-2024-38475
Improper escaping of output in modrewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure...
Chromium: CVE-2024-5274 Type Confusion in V8
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2024-5274 exists in the wild...
MGASA-2023-0355 New chromium-browser-stable 120.0.6099.129 fixes bugs and vulnerabilities
The chromium-browser-stable package has been updated to the 120.0.6099.129 release, fixing bugs and 20 vulnerabilities, together with 120.0.6099.109, 120.0.6099.71 and 120.0.6099.62; some of them are listed below. High CVE-2023-6508: Use after free in Media Stream. Reported by Cassidy...
CVE-2023-27640
An issue was discovered in the tshirtecommerce aka Custom Product Designer component 2.1.4 for PrestaShop. An HTTP request can be forged with the POST parameter type in the /tshirtecommerce/fonts.php endpoint, to allow a remote attacker to traverse directories on the system in order to open files...
PT-2023-2243
Name of the Vulnerable Software and Affected Versions Windows Common Log File System Driver affected versions not specified Description The issue is related to an elevation-of-privilege vulnerability in the Windows Common Log File System CLFS Driver. This vulnerability allows attackers to affect...
CVE-2016-20017
D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login.cgi cli parameter, as exploited in the wild in 2016 through 2022. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability
Google on Friday shipped an out-of-band security update to address a high severity vulnerability in its Chrome browser that it said is being actively exploited in the wild. Tracked as CVE-2022-1096, the zero-day flaw relates to a type confusion vulnerability in the V8 JavaScript engine. An...
Urgent Chrome Update Released to Patch Actively Exploited Zero-Day Vulnerability
Google on Friday rolled out an emergency security patch to its Chrome web browser to address a security flaw that's known to have an exploit in the wild. Tracked as CVE-2021-37973, the vulnerability has been described as use after free in Portals API, a web page navigation system that enables a...
[ASA-202103-9] chromium: arbitrary code execution
Arch Linux Security Advisory ASA-202103-9 ========================================= Severity: High Date : 2021-03-13 CVE-ID : CVE-2021-21191 CVE-2021-21192 CVE-2021-21193 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1683 Summary =======...
Updated thunderbird packages fix security vulnerabilities
A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash CVE-2016-5296. The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. This...