OPENSUSE-SU-2026:20372-1 Security update for chromium

This update for chromium fixes the following issues: Changes in chromium: - Chromium 146.0.7680.80: CVE-2026-3909: Out of bounds write in Skia boo1259659 - Chromium 146.0.7680.75 released 2026-03-12 boo1259648 CVE-2026-3910: Inappropriate implementation in V8. - Chromium 146.0.7680.71 released...

CVE-2026-3942

Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2026-3263

A vulnerability was found in go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250118. Affected by this vulnerability is an unknown functionality of the file /api/Security/ of the component Security API. Performing a manipulation results in improper authorization. Remote...

EUVD-2026-8925

A vulnerability was identified in go2ismail Free-CRM up to b83c40a90726d5e58f0cc680ffdcaa28a03fb5d1. This affects an unknown part of the file /api/Security/ of the component Security API. The manipulation leads to improper authorization. The attack is possible to be carried out remotely. The...

CVE-2026-3265

A vulnerability was identified in go2ismail Free-CRM up to b83c40a90726d5e58f0cc680ffdcaa28a03fb5d1. This affects an unknown part of the file /api/Security/ of the component Security API. The manipulation leads to improper authorization. The attack is possible to be carried out remotely. The...

CVE-2026-3265 go2ismail Free-CRM Security API improper authorization

A vulnerability was identified in go2ismail Free-CRM up to b83c40a90726d5e58f0cc680ffdcaa28a03fb5d1. This affects an unknown part of the file /api/Security/ of the component Security API. The manipulation leads to improper authorization. The attack is possible to be carried out remotely. The...

PT-2026-7457

The mongo-go-driver repository contains CGo bindings for GSSAPI Kerberos authentication on Linux and macOS. The C wrapper implementation contains a heap out-of-bounds read vulnerability due to incorrect assumptions about string termination in the GSSAPI standard. Since GSSAPI buffers are not...

MiracleLinux 7 : squid-3.5.20-17.el7.8 (AXSA:2022-3878:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3878:02 advisory. squid: buffer-over-read in SSPI and SMB authentication CVE-2022-41318 Tenable has extracted the preceding description block directly from the MiracleLinux...

Fedora 42 : chromium (2026-3736e2ff1a)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3736e2ff1a advisory. Update to 144.0.7559.59 CVE-2026-0899: Out of bounds memory access in V8 CVE-2026-0900: Inappropriate implementation in V8 CVE-2026-0901:...

OPENSUSE-SU-2026:20054-1 Security update for chromium

This update for chromium fixes the following issues: Changes in chromium: - Chromium 144.0.7559.59 boo1256614 CVE-2026-0899: Out of bounds memory access in V8 CVE-2026-0900: Inappropriate implementation in V8 CVE-2026-0901: Inappropriate implementation in Blink CVE-2026-0902: Inappropriate...

PT-2026-25044

Name of the Vulnerable Software and Affected Versions OpenSSH affected versions not specified Description A flaw exists in the GSSAPI patch included in various Linux distributions of OpenSSH, but does not affect the upstream OpenSSH project itself. The issue stems from the use of sshpkt disconnec...

CVE-2025-58181

SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption...

chromium -- multiple security fixes

Chrome Releases reports: This update includes 20 security fixes: 447613211 High CVE-2025-12428: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2025-09-26 450618029 High CVE-2025-12429: Inappropriate implementation in V8. Reported by Aorui Zhang on 2025-10-10 442860743 High...

EUVD-2019-5091

Malware in sbrugna...

EUVD-2018-13448

Malware in sbrugna...

scsi: ufs: qcom: Only free platform MSIs when ESI is enabled

...

Linux Distros Unpatched Vulnerability : CVE-2018-6178

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious...

Abnormal AI Abnormal Security API 安全漏洞

Abnormal AI Abnormal Security API is an API from Abnormal AI. A security vulnerability exists in Abnormal AI Abnormal Security API versions prior to 2025-02-19, which stems from a privilege degradation vulnerability...

DEBIAN-CVE-2025-37838

In the Linux kernel, the following vulnerability has been resolved: HSI: ssiprotocol: Fix use after free vulnerability in ssiprotocol Driver Due to Race Condition In the ssiprotocolprobe function, &ssi-work is bound with ssipxmitwork, In ssippnsetup, the ssippnxmit function within the ssippnops...

The vulnerability of Google Chrome’s Compositing component allows attackers to manipulate the user’s security interface without being detected.

The vulnerability of Google Chrome’s Compositing component is related to improper access control. Exploiting this vulnerability could allow attackers to forge the user’s security interface using a specially created HTML page...