Lucene search
+L

25 matches found

Chainguard
Chainguard
added 2026/07/09 8:31 p.m.10 views

CVE-2026-13953 vulnerabilities

Vulnerabilities for packages: chromium...

6.5CVSS5.9AI score0.00262EPSS
Exploits0
Wolfi
Wolfi
added 2026/07/09 8:23 p.m.6 views

CVE-2026-13953 vulnerabilities

Vulnerabilities for packages: chromium...

6.5CVSS5.9AI score0.00262EPSS
Exploits0
Circl
Circl
added 2026/07/02 7:47 a.m.10 views

CVE-2026-13953

creationtimestamp| type| source ---|---|--- 2026-07-02 07:47:08+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260702 2026-07-06 07:19:50+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260706...

6.5CVSS5.9AI score0.00262EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:17 p.m.7 views

CVE-2026-13953

Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00262EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.3 views

DEBIAN-CVE-2026-13953

Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00262EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.9 views

CVE-2026-13953

Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00262EPSS
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-1426

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.06559EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/05/24 7:12 p.m.18 views

CVE-2024-13953

Sensitive device logger information in ASPECT may be exposed if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

6.9CVSS6.7AI score0.00298EPSS
Exploits0References1
NVD
NVD
added 2025/05/22 7:15 p.m.11 views

CVE-2024-13953

Sensitive device logger information in ASPECT may be exposed if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

6.9CVSS0.00298EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/22 6:28 p.m.19 views

CVE-2024-13953 Sensitive Information disclosed in log files

Sensitive device logger information in ASPECT may be exposed if administrator credentials become compromisedThis issue affects ASPECT-Enterprise: through 3.; NEXUS Series: through 3.; MATRIX Series: through 3...

6.9CVSS0.00298EPSS
Exploits0References1
OSV
OSV
added 2022/03/18 5:53 p.m.36 views

GHSA-GHM8-MMX7-XVG2 Information Exposure in Apache Tapestry

Information Exposure vulnerability in context asset handling of Apache Tapestry allows an attacker to download files inside WEB-INF if using a specially-constructed URL. This was caused by an incomplete fix for CVE-2020-13953. This issue affects Apache Tapestry Apache Tapestry 5.4.0 version to...

7.5CVSS5.9AI score0.06559EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/03/18 5:53 p.m.26 views

Information Exposure in Apache Tapestry

Information Exposure vulnerability in context asset handling of Apache Tapestry allows an attacker to download files inside WEB-INF if using a specially-constructed URL. This was caused by an incomplete fix for CVE-2020-13953. This issue affects Apache Tapestry Apache Tapestry 5.4.0 version to...

7.5CVSS3.5AI score0.06559EPSS
Exploits0References6Affected Software1
vulnersOsv
vulnersOsv
added 2022/02/10 8:35 p.m.7 views

com.nhl.bootique.tapestry:bootique-tapestry (=0.1), de.julielab:julie-elastic-query-components (=1.0.3) +31 more potentially affected by CVE-2020-13953 via org.apache.tapestry:tapestry-core (>=5.4.0 <=5.5.0)

org.apache.tapestry:tapestry-core MAVEN version =5.4.0, =1.2.0, =0.2, =1.1, =1.2.0, =1.1.0, =5.4.0, =5.4.0, =5.4.0, =5.4.0, =5.4.0, =5.4.0, =5.5.0-beta-3 and more Source cves: CVE-2020-13953 Source advisory: OSV:GHSA-W9MP-P2WP-2XF7...

5.3CVSS6.4AI score0.02651EPSS
Exploits0
Cvelist
Cvelist
added 2021/11/23 7:59 p.m.10 views

CVE-2018-13953

...

Exploits0
Veracode
Veracode
added 2021/04/28 6:39 a.m.23 views

Information Disclosure

tapestry-core is vulnerable to information disclosure. Mishandling of URL allows an attacker to use malicious URL to list and download the JAVA webapp files from WEB-INF of the WAR being run. This CVE exists due to an incomplete fix for CVE-2020-13953...

7.5CVSS1.7AI score0.06559EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2021/04/27 7:15 p.m.20 views

CVE-2021-30638

Information Exposure vulnerability in context asset handling of Apache Tapestry allows an attacker to download files inside WEB-INF if using a specially-constructed URL. This was caused by an incomplete fix for CVE-2020-13953. This issue affects Apache Tapestry Apache Tapestry 5.4.0 version to...

7.5CVSS6.7AI score
Exploits0References4
Prion
Prion
added 2021/04/27 7:15 p.m.25 views

Information disclosure

Information Exposure vulnerability in context asset handling of Apache Tapestry allows an attacker to download files inside WEB-INF if using a specially-constructed URL. This was caused by an incomplete fix for CVE-2020-13953. This issue affects Apache Tapestry Apache Tapestry 5.4.0 version to...

5CVSS5.9AI score0.06559EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2021/04/27 6:30 p.m.101 views

CVE-2021-30638

CVE-2021-30638 is an information-exposure vulnerability in Apache Tapestry caused by an incomplete fix for CVE-2020-13953 in context asset handling. It affects Apache Tapestry versions 5.4.0 through 5.6.3, and 5.7.0 through 5.7.1. An attacker can construct a URL to download files inside WEB-INF, ...

7.5CVSS6.1AI score0.06559EPSS
Exploits0References4Affected Software1
Check Point Advisories
Check Point Advisories
added 2020/12/22 12:0 a.m.9 views

Apache Tapestry Information Disclosure (CVE-2020-13953)

An information disclosure vulnerability exists in Apache Tapestry. This vulnerability is due to URL manipulation that allows Java webapp files inside WEB-INF to be listed and downloaded...

5CVSS1.7AI score0.02651EPSS
Exploits0
OSV
OSV
added 2020/09/30 6:15 p.m.21 views

CVE-2020-13953

In Apache Tapestry from 5.4.0 to 5.5.0, crafting specific URLs, an attacker can download files inside the WEB-INF folder of the WAR being run...

5.3CVSS6.6AI score
Exploits0References2
Rows per page
Query Builder