Lucene search
K

117 matches found

EUVD
EUVD
added 5 days ago8 views

EUVD-2026-42457

Inappropriate implementation in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

6.1AI score0.00139EPSS
Exploits0References3
OSV
OSV
added 2026/06/30 11:17 p.m.4 views

DEBIAN-CVE-2026-14147

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

6.1CVSS6AI score0.00145EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.25 views

CVE-2026-14129

Inappropriate implementation in PreviewTab in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

0.00154EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.12 views

PT-2026-54404

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description An inappropriate implementation in the PreviewTab allows a remote attacker to perform UI spoofing via a crafted HTML page. This occurs when a user is convinced to engage in...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-522 ReportLab vulnerable to remote code execution via paraparser

paraparser in ReportLab before 3.5.31 allows remote code execution because startunichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with 'unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626...

9.8CVSS8AI score0.04452EPSS
Exploits0References10
EUVD
EUVD
added 2026/06/22 12:40 p.m.9 views

EUVD-2026-38232

Use After Free in libxml2's xmlParseInternalSubset from GNOME libxml2 version 2.9.11 to 2.11.0 allows a remote attacker to cause a denial-of-service via maliciously crafted XML input with improper entity resolution handling...

8.3CVSS5.9AI score0.00289EPSS
Exploits0References2
OSV
OSV
added 2026/06/12 11:28 p.m.11 views

MGASA-2026-0204 Updated expat packages fix security vulnerabilities

CVE-2026-45186 the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input...

7.5CVSS5.2AI score0.00428EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

Google Chrome 输入验证错误漏洞

Google Chrome is a cross-platform web browser developed by Google. It is primarily used for accessing the internet and running web applications. Google Chrome has a security vulnerability that stems from improper handling of implementation logic in extensions. A remote attacker can exploit this...

3.1CVSS5.9AI score0.00208EPSS
Exploits0References2
OSV
OSV
added 2026/06/09 12:16 a.m.6 views

DEBIAN-CVE-2026-11645

Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.01654EPSS
Exploits4References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.15 views

PT-2026-47813

Name of the Vulnerable Software and Affected Versions Schneider Electric Data Center Expert affected versions not specified Description An Improper Restriction of XML External Entity Reference XXE issue exists, which occurs when an application fails to restrict XML external entity references,...

7.1CVSS6.6AI score0.00233EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/08 11:27 p.m.10 views

CVE-2026-11694

Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.5CVSS6AI score0.00214EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2026/06/07 4:40 a.m.8 views

SUSE CVE-2026-11244

Insufficient validation of untrusted input in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

3.1CVSS5.5AI score0.00207EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/05 12:31 a.m.10 views

EUVD-2026-34355

Use after free in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.8AI score0.00326EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-11035

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a...

7.3CVSS5.3AI score0.00079EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 11:17 p.m.7 views

DEBIAN-CVE-2026-11035

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a crafted XML file. Chromium security severity: Medium...

7.3CVSS5.5AI score0.00079EPSS
Exploits0References1
OSV
OSV
added 2026/06/04 11:16 p.m.8 views

DEBIAN-CVE-2026-10884

Use after free in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 11:6 p.m.63 views

CVE-2026-11287

CVE-2026-11287 : Google Chrome on Android is affected (before 149.0.7827.53). The issue is insufficient policy enforcement in Navigation, allowing a renderer-compromised page to bypass navigation restrictions via a crafted HTML page. Root cause: policy enforcement gap in navigation. Impact per CV...

6.5CVSS5.8AI score0.00233EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/04 11:4 p.m.38 views

CVE-2026-11020

CVE-2026-11020 concerns Google Chrome (Chromium-based) extensions. The initial description and connected advisories confirm an inappropriate implementation in Extensions that could allow a remote attacker to leak cross-origin data via a crafted XML file. The vulnerability is tied to Chrome versio...

6.5CVSS5.8AI score0.00221EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/04 11:4 p.m.39 views

CVE-2026-11020

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted XML file. Chromium security severity: Medium...

0.00221EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.20 views

PT-2026-46700

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds write occurs in V8, the JavaScript and WebAssembly engine. This allows a remote attacker who has already compromised the renderer process to execute arbitrary code with...

9.6CVSS6.4AI score0.00985EPSS
Exploits0References434
Rows per page
Query Builder