Lucene search
+L

2068 matches found

Vulnrichment
Vulnrichment
added 2026/05/19 12:30 p.m.17 views

CVE-2026-8964 Spoofing issue in the Popup Blocker component

Spoofing issue in the Popup Blocker component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...

5.8AI score0.00302EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2026/05/17 6:54 p.m.114 views

chrome-148-exploit-poc

World Fun Zone - 2026 Security Research Framework Conferen...

5.8AI score
Exploits0
NVD
NVD
added 2026/05/14 5:16 p.m.24 views

CVE-2025-62316

HCL AION is affected by a vulnerability where certain security-related HTTP response headers are not properly configured. Absence of these headers may reduce the effectiveness of browser-based security controls and could expose the application to limited security risks under specific conditions...

2.3CVSS0.00106EPSS
Exploits0References1
CVE
CVE
added 2026/05/14 4:8 p.m.17 views

CVE-2025-62316

Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2025-62316 from the linked sources; no affected products, vectors, or remediation are stated.

2.3CVSS5.8AI score0.00106EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/14 4:8 p.m.14 views

CVE-2025-62316 HCL AION is affected by a vulnerability where certain security-related HTTP response headers are not properly configured

HCL AION is affected by a vulnerability where certain security-related HTTP response headers are not properly configured. Absence of these headers may reduce the effectiveness of browser-based security controls and could expose the application to limited security risks under specific conditions...

2.3CVSS5.8AI score0.00106EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/14 4:8 p.m.13 views

CVE-2025-62316

HCL AION is affected by a vulnerability where certain security-related HTTP response headers are not properly configured. Absence of these headers may reduce the effectiveness of browser-based security controls and could expose the application to limited security risks under specific conditions...

2.3CVSS5.8AI score0.00106EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/05/14 4:8 p.m.12 views

EUVD-2025-209856

HCL AION is affected by a vulnerability where certain security-related HTTP response headers are not properly configured. Absence of these headers may reduce the effectiveness of browser-based security controls and could expose the application to limited security risks under specific conditions...

2.3CVSS5.8AI score0.00106EPSS
Exploits0References1
NVD
NVD
added 2026/05/14 6:16 a.m.34 views

CVE-2026-6335

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.11 before 18.11.3 that under certain conditions could have allowed an authenticated user to execute arbitrary code in another user's browser session due to improper sanitization...

5.4CVSS0.00192EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.20 views

PT-2026-40957

HCL AION is affected by a vulnerability where certain security-related HTTP response headers are not properly configured. Absence of these headers may reduce the effectiveness of browser-based security controls and could expose the application to limited security risks under specific conditions...

2.3CVSS5.8AI score0.00106EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/08 2:27 a.m.15 views

SUSE CVE-2026-7927

Type Confusion in Runtime in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00292EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/05/07 2:0 p.m.15 views

Chromium: CVE-2026-7927 Type Confusion in Runtime

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS5.8AI score0.00292EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/06 7:20 p.m.19 views

thunderbird: firefox: Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of...

9.8CVSS5.9AI score0.0034EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2026/05/06 7:16 p.m.15 views

CVE-2026-7953

Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via malicious network traffic. Chromium security severity: Medium...

6.1CVSS5.8AI score0.00171EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/06 6:12 p.m.40 views

CVE-2026-7937

Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

0.00143EPSS
Exploits0References2
OSV
OSV
added 2026/05/06 1:29 p.m.12 views

USN-8237-1 webkit2gtk vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS5.8AI score0.00961EPSS
Exploits2References20
CVE
CVE
added 2026/05/06 10:27 a.m.23 views

CVE-2025-59854

CVE-2025-59854 affects HCL DFXAnalytics and is caused by an insecure security header configuration: use of the outdated X-XSS-Protection header. This could allow a browser-specific rendering bypass or interfere with security controls that should be enforced by a robust Content Security Policy (CS...

6.1CVSS5.8AI score0.00123EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.15 views

OpenClaw 代码问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.8 had code vulnerabilities. These vulnerabilities stemmed from issues with Playwright’s redirection handling, involving server-side request forgery. This allowed attackers to...

6.5CVSS5.9AI score0.00188EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/23 6:30 p.m.13 views

EUVD-2026-25273

pretalx is a conference planning tool. Prior to 2026.1.0, The organiser search in the pretalx backend rendered submission titles, speaker display names, and user names/emails into the result dropdown using innerHTML string interpolation. Any user who controls one of those fields which includes an...

8.7CVSS5.8AI score0.00166EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/04/10 2:0 p.m.4 views

Microsoft Edge (Chromium-based) Spoofing Vulnerability

User interface ui misrepresentation of critical information in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

4.3CVSS5.5AI score0.00555EPSS
Exploits0
NVD
NVD
added 2026/04/08 10:16 p.m.4 views

CVE-2026-5891

Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00206EPSS
Exploits0References2
Rows per page
Query Builder