Lucene search
+L

32 matches found

euvd
euvd
added 2026/07/01 12:34 a.m.6 views

EUVD-2026-40834

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

6AI score0.00145EPSS
Exploits0References3
euvd
euvd
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40785

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00229EPSS
Exploits0References3
euvd
euvd
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40525

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00218EPSS
Exploits0References3
debiancve
debiancve
added 2026/06/30 10:39 p.m.6 views

CVE-2026-14147

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

6.1CVSS6AI score0.00145EPSS
Exploits0
debiancve
debiancve
added 2026/06/30 10:39 p.m.8 views

CVE-2026-14145

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

6.1CVSS6AI score0.00154EPSS
Exploits0
cve
cve
added 2026/06/30 10:39 p.m.21 views

CVE-2026-14145

CVE-2026-14145 corresponds to an UXSS issue in Google Chrome caused by an inappropriate CSS implementation, permitting a remote attacker to inject arbitrary scripts/HTML via a crafted HTML page. Affected software is Chrome (pre-150.0.7871.47). The underlying impact is confined to user-level data ...

6.1CVSS6AI score0.00154EPSS
Exploits0References2Affected Software1
debiancve
debiancve
added 2026/06/30 10:37 p.m.6 views

CVE-2026-13837

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00245EPSS
Exploits0
cvelist
cvelist
added 2026/06/30 10:37 p.m.29 views

CVE-2026-13836

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

0.0022EPSS
Exploits0References2
susecve
susecve
added 2026/06/07 4:43 a.m.11 views

SUSE CVE-2026-11155

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.5AI score0.00152EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/04 11:5 p.m.12 views

CVE-2026-11186

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00159EPSS
Exploits0References3Affected Software1
ptsecurity
ptsecurity
added 2026/06/02 12:0 a.m.12 views

PT-2026-46683

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in CSS allows a remote attacker to leak cross-origin data, which is information from a different domain than the one serving the page, by using a crafted...

9.6CVSS5.8AI score0.00985EPSS
Exploits0References434
ptsecurity
ptsecurity
added 2026/06/02 12:0 a.m.13 views

PT-2026-46713

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in CSS allows a remote attacker to perform Universal Cross-Site Scripting UXSS, which is the ability to execute scripts across different origins, by usin...

9.6CVSS6.1AI score0.00985EPSS
Exploits0References434
ubuntu
ubuntu
added 2026/04/29 1:50 p.m.10 views

USN-8223-1: Roundcube Webmail vulnerabilities

It was discovered that Roundcube Webmail mishandled Punycode xn-- domain names. An attacker could possibly use this issue to cause a homograph attack. CVE-2019-15237 It was discovered that Roundcube Webmail did not properly sanitize certain attributes when handling CSS within HTML messages and...

9.3CVSS7AI score0.5281EPSS
Exploits6
euvd
euvd
added 2026/03/04 9:32 p.m.6 views

EUVD-2026-9489

Inappropriate implementation in CSS in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

6AI score0.00258EPSS
Exploits0References3
susecve
susecve
added 2023/02/15 5:58 a.m.5 views

SUSE CVE-2010-2264

The Cascading Style Sheets CSS implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages...

4.3CVSS6.1AI score0.02597EPSS
Exploits0References5
exploitpack
exploitpack
added 2016/11/10 12:0 a.m.42 views

Microsoft Internet Explorer 11109 - MSHTML PROPERTYDESC::Handle­Style­Component­Property Out-of-Bounds Read (MS16-104)

Microsoft Internet Explorer 11109 - MSHTML PROPERTYDESC::Handle­Style­Component­Property Out-of-Bounds Read MS16-104 // This Po­C attempts to exploit a memory disclosure bug in Microsoft Internet // Explorer 11. On x64 systems, this should cause an access violation when // run with page-heap...

0.5AI score
Exploits0
cnvd
cnvd
added 2015/05/14 12:0 a.m.9 views

Mozilla Thunderbird SVG Content and CSS Handling Buffer Overflow Vulnerability

Mozilla Thunderbird is a mail tool adapted from the mail widget of the Mozilla browser. A buffer overflow vulnerability exists in Mozilla Thunderbird's handling of SVG content and CSS, which allows remote attackers to exploit the vulnerability by submitting a specially crafted HTML message that c...

6.8CVSS7.6AI score0.04838EPSS
Exploits0References1
nessus
nessus
added 2011/09/21 12:0 a.m.16 views

Google Chrome < 14.0.835.163 Multiple Vulnerabilities

Binary data 800955.prm...

7.5CVSS7.3AI score0.0369EPSS
Exploits6References33
ubuntucve
ubuntucve
added 2011/06/29 5:55 p.m.32 views

CVE-2011-2347

Google Chrome before 12.0.742.112 does not properly handle Cascading Style Sheets CSS token sequences, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via unknown vectors...

6.8CVSS5.9AI score0.01193EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2011/03/25 7:55 p.m.27 views

CVE-2011-1294

Google Chrome before 10.0.648.204 does not properly handle Cascading Style Sheets CSS token sequences, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale pointer."...

7.5CVSS6AI score0.01575EPSS
Exploits0References2
Rows per page
Query Builder