Lucene search
+L

2214 matches found

osv
osv
added 3 days ago4 views

DEBIAN-CVE-2026-15768

Insufficient policy enforcement in HTML-in-Canvas in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6.5CVSS6.1AI score0.00208EPSS
Exploits0References1
nvd
nvd
added 3 days ago4 views

CVE-2026-15768

Insufficient policy enforcement in HTML-in-Canvas in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6.5CVSS0.00208EPSS
Exploits0References2
cvelist
cvelist
added 3 days ago32 views

CVE-2026-15768

Insufficient policy enforcement in HTML-in-Canvas in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

0.00208EPSS
Exploits0References2
cve
cve
added 3 days ago12 views

CVE-2026-15768

CVE-2026-15768 affects Google Chrome’s HTML-in-Canvas: insufficient policy enforcement could allow a remote attacker to bypass the same-origin policy via a crafted HTML page. The issue is tied to Chrome prior to version 150.0.7871.125. A Chromium security advisory confirms this CVE among 15 fixes...

6.5CVSS6.1AI score0.00208EPSS
Exploits0References2Affected Software1
redhat
redhat
added 3 days ago7 views

firefox: thunderbird: Incorrect boundary conditions in the Graphics: CanvasWebGL component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: CanvasWebGL component...

7.3CVSS6AI score0.00209EPSS
Exploits0References6
redhat
redhat
added 4 days ago4 views

firefox: thunderbird: Incorrect boundary conditions in the Graphics: CanvasWebGL component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: CanvasWebGL component...

7.3CVSS6AI score0.00209EPSS
Exploits0References6
redhat
redhat
added 4 days ago6 views

firefox: thunderbird: Incorrect boundary conditions in the Graphics: CanvasWebGL component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: CanvasWebGL component...

7.3CVSS6AI score0.00209EPSS
Exploits0References6
cve
cve
added 4 days ago10 views

CVE-2026-15551

CVE-2026-15551 : Samsung Open Source rlottie fraught with an integer overflow/ wraparound in the function gray_hline() , causing a heap-based buffer overflow when rendering a crafted Lottie animation at native canvas size. Risk details: attacker-controlled input through a crafted animation; CVSS3...

5.5CVSS6.1AI score0.00081EPSS
Exploits0References1
euvd
euvd
added 6 days ago7 views

EUVD-2026-43069

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting XSS. This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1...

6.1AI score0.00253EPSS
Exploits0References2
euvd
euvd
added 6 days ago6 views

EUVD-2026-43070

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting XSS. This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1...

6.1AI score0.00253EPSS
Exploits0References2
nvd
nvd
added last week6 views

CVE-2026-58588

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting XSS. This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1...

6.1CVSS0.00253EPSS
Exploits0References1
nvd
nvd
added last week7 views

CVE-2026-58587

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting XSS. This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1...

6.1CVSS0.00253EPSS
Exploits0References1
cve
cve
added last week16 views

CVE-2026-58588

CVE-2026-58588 describes an XSS vulnerability in the Drupal Canvas module caused by improper neutralization of input during web page generation. Affected versions are: 0.0.0–1.4.2, 1.5.0–1.5.2, 1.6.0–1.6.1, and 1.7.0–1.7.1. The issue stems from allowing image uploads via a custom API while valida...

6.1CVSS6.1AI score0.00253EPSS
Exploits0References1
cvelist
cvelist
added last week33 views

CVE-2026-58587 Drupal Canvas - Moderately critical - Improper validation - SA-CONTRIB-2026-065

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting XSS. This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1...

0.00253EPSS
Exploits0References1
cve
cve
added last week15 views

CVE-2026-58587

CVE-2026-58587 affects Drupal Canvas (Canvas AI submodule). The issue is an improper neutralization of input during web page generation, leading to Cross-Site Scripting (XSS). Affected versions include 0.0.0 through 1.4.2, 1.5.0 through 1.5.2, 1.6.0 through 1.6.1, and 1.7.0 through 1.7.1. Root ca...

6.1CVSS6.1AI score0.00253EPSS
Exploits0References1
cvelist
cvelist
added last week31 views

CVE-2026-58588 Drupal Canvas - Moderately critical - Improper validation - SA-CONTRIB-2026-066

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting XSS. This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1...

0.00253EPSS
Exploits0References1
osv
osv
added last week2 views

CVE-2026-58588 Drupal Canvas - Moderately critical - Improper validation - SA-CONTRIB-2026-066

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting XSS. This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1...

6.1CVSS6.1AI score0.00253EPSS
Exploits0References5
osv
osv
added last week6 views

CVE-2026-58587 Drupal Canvas - Moderately critical - Improper validation - SA-CONTRIB-2026-065

Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Drupal Canvas allows Cross-Site Scripting XSS. This issue affects Drupal Canvas versions: from 0.0.0 to 1.4.2, from 1.5.0 to 1.5.2, from 1.6.0 to 1.6.1, from 1.7.0 to 1.7.1...

6.1CVSS6.1AI score0.00253EPSS
Exploits0References5
redhat
redhat
added 2026/07/09 5:8 p.m.5 views

firefox: thunderbird: Incorrect boundary conditions in the Graphics: CanvasWebGL component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: CanvasWebGL component...

7.3CVSS5.9AI score0.00209EPSS
Exploits0References6
redhat
redhat
added 2026/07/07 6:33 a.m.3 views

firefox: thunderbird: Incorrect boundary conditions in the Graphics: CanvasWebGL component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: CanvasWebGL component...

7.3CVSS5.9AI score0.00209EPSS
Exploits0References6
Rows per page
Query Builder