11 matches found
CVE-2026-39937 Global vanishing does not completely remove user email
Improper removal of sensitive information before storage or transfer vulnerability in The Wikimedia Foundation Mediawiki - CentralAuth Extension allows Resource Leak Exposure. The issue has been remediated on the master branch, and in the release branches for MediaWiki versions 1.43, 1.44, and 1....
Fedora 42 : cef (2025-313f6d7702)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-313f6d7702 advisory. Update to 141.0.7390.122 High CVE-2025-12036 chromium: Inappropriate implementation in V8 High CVE-2025-11756: Use after free in Safe Browsing High...
CVE-2025-11207
Side-channel information leakage in Storage in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...
CVE-2025-11207
CVE-2025-11207 affects Google Chrome/Chromium prior to 141.0.7390.54. A side-channel information leakage in Storage allows a remote attacker to perform arbitrary read/write via a crafted HTML page. CVSSv3.1 base score 6.5 (Network exploit, LOW complexity, No privileges, No user interaction, Confi...
Chromium: CVE-2025-11207 Side-channel information leakage in Storage
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Google Chrome < 141.0.7390.54 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 141.0.7390.54. It is, therefore, affected by multiple vulnerabilities as referenced in the 202509stable-channel-update-for-desktop30 advisory. - Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a...
Google Chrome < 141.0.7390.54 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 141.0.7390.54. It is, therefore, affected by multiple vulnerabilities as referenced in the 202509stable-channel-update-for-desktop30 advisory. - Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remot...
CVE-2022-49808
In the Linux kernel, the following vulnerability has been resolved: net: dsa: don't leak tagger-owned storage on switch driver unbind In the initial commit dc452a471dba "net: dsa: introduce tagger-owned storage for private and shared data", we had a call to tagops-disconnectdst issued from...
PT-2025-40433
Name of the Vulnerable Software and Affected Versions Chromium affected versions not specified Description A side-channel information leakage issue exists in Storage. This can allow attackers to affect the system. Recommendations At the moment, there is no information about a newer version that...
CVE-2024-26618 arm64/sme: Always exit sme_alloc() early with existing storage
In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Always exit smealloc early with existing storage When smealloc is called with existing storage and we are not flushing we will always allocate new storage, both leaking the existing storage and corrupting the state. Fi...
zziplib security update
0.13.62-9 - Fix covscan warning - 'Variable 'file' going out of scope leaks the storage it points to.' has been introduced by the original version of 0001-fix-CVE-2018-7725.patch - Related: 1558596 0.13.62-8 - Fix CVE-2018-7727 - Resolves: 1558891 0.13.62-7 - Fix CVE-2018-7726 - Resolves: 1558623...