Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2026:0053-1 Rating: important References: 1258116 1258185 1258199 Cross-References: CVE-2026-2313 CVE-2026-2314 CVE-2026-2315 CVE-2026-2316 CVE-2026-2317 CVE-2026-2318 CVE-2026-2319 CVE-2026-2320 CVE-2026-2321...

CVE-2026-25230

CVE-2026-25230 affects FileRise, a self-hosted web file manager/WebDAV server. Before version 3.3.0, an authenticated user could inject HTML to modify the DOM, enabling the addition of elements that call certain endpoints or link elements that redirect on interaction. The issue is fixed in 3.3.0....

CVE-2026-25230 FileRise affected by HTML Injection using color property in file tags

FileRise is a self-hosted web file manager / WebDAV server. Prior to 3.3.0, an HTML Injection vulnerability allows an authenticated user to modify the DOM and add e.g. form elements that call certain endpoints or link elements that redirect the user on active interaction. This vulnerability is...

CVE-2026-25230 FileRise affected by HTML Injection using color property in file tags

FileRise is a self-hosted web file manager / WebDAV server. Prior to 3.3.0, an HTML Injection vulnerability allows an authenticated user to modify the DOM and add e.g. form elements that call certain endpoints or link elements that redirect the user on active interaction. This vulnerability is...

openSUSE 16 Security Update : chromium (openSUSE-SU-2026:20103-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20103-1 advisory. Changes in chromium: - Chromium 144.0.7559.96 boo1257011 CVE-2026-1220: Race in V8 - update INSTALL.sh to handle the addded tags in the desktop file...

OPENSUSE-SU-2026:20103-1 Security update for chromium

This update for chromium fixes the following issues: Changes in chromium: - Chromium 144.0.7559.96 boo1257011 CVE-2026-1220: Race in V8 - update INSTALL.sh to handle the addded tags in the desktop file boo1256938...

CVE-2025-66547 Nextcloud Server users can modify tags on files that do not belong to them

Nextcloud Server is a self hosted personal cloud system. In Nextcloud Server and Enterprise Server prior to 31.0.1, non-privileged users can modify tags on files they should not have access to via bulk tagging. This vulnerability is fixed in 31.0.1...

PT-2025-49268

Name of the Vulnerable Software and Affected Versions Nextcloud Server and Enterprise Server versions prior to 31.0.1 Description Non-privileged users can modify tags on files they should not have access to through bulk tagging. This affects a self-hosted personal cloud system. Recommendations...

CVE-2023-28476

Concrete CMS previously concrete5 in versions 9.0 through 9.1.3 is vulnerable to Stored XSS on Tags on uploaded files...

CVE-2024-1245

Concrete CMS version 9 before 9.2.5 is vulnerable to stored XSS in file tags and description attributes since administrator entered file attributes are not sufficiently sanitized in the Edit Attributes page. A rogue administrator could put malicious code into the file tags or description attribut...

PT-2023-21746 · Unknown · Concrete Cms

Name of the Vulnerable Software and Affected Versions: Concrete CMS previously concrete5 versions 9.0 through 9.1.3 Concrete CMS previously concrete5 versions prior to 9.2 Description: The issue is related to Stored XSS on Tags on uploaded files. This allows for malicious code to be stored and...

DEBIAN-CVE-2019-11372

An out-of-bounds read in MediaInfoLib::FileTagsHelper::SynchedTest in Tag/FileTags.cpp in MediaInfoLib in MediaArea MediaInfo 18.12 leads to a crash...

Zortam Mp3 Media Studio 20.15 - Overflow (PoC) (SEH)

-- coding: utf-8 -- Exploit Title : Zortam Mp3 Media Studio 20.15 - SEH overflow DOS Date: 2016-03-12 Author: INSECT.B Facebook : https://www.facebook.com/B.INSECT00 GitHub : binsect00 Blog : http://binsect00.tistory.com Vendor Homepage : http://www.zortam.com Software Link:...

CVE-2007-2953

Format string vulnerability in the helptagsone function in src/excmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command...