Lucene search
K

9803 matches found

OSV
OSV
added 2026/05/22 4:16 p.m.6 views

UBUNTU-CVE-2026-27136

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

6.1CVSS6AI score0.00178EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.10 views

RockyLinux 8 : python3 (RLSA-2026:1631)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:1631 advisory. cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service CVE-2025-12084 Tenable has extracted the preceding description block...

6.3CVSS6.8AI score0.00696EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.13 views

Unity Linux 20.1060e / 20.1070e Security Update: jdom2 (UTSA-2026-016676)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016676 advisory. An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. Tenable has extracted the preceding...

7.5CVSS6.8AI score0.19442EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/05/21 7:52 p.m.10 views

CVE-2026-8947

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Bindings WebIDL component...

7.5CVSS5.7AI score0.00413EPSS
Exploits0References5
Rockylinux
Rockylinux
added 2026/05/21 4:24 p.m.9 views

python3 security update

An update is available for python3. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming language,...

6.3CVSS5.8AI score0.00696EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2026/05/21 1:34 p.m.5 views

Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issue Update to Firefox Extended Support Release 140.11.0 ESR MFSA 2026-48 bsc1265212 CVE-2026-8388: Incorrect boundary conditions in the JavaScript Engine: JIT component. CVE-2026-8391: Other issue in the JavaScript Engine component...

8.8CVSS5.9AI score0.00605EPSS
Exploits0References42
OSV
OSV
added 2026/05/20 8:16 p.m.7 views

DEBIAN-CVE-2026-9126

Use after free in DOM in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00396EPSS
Exploits0References1
NVD
NVD
added 2026/05/20 8:16 p.m.12 views

CVE-2026-47099

TeleJSON prior to 6.0.0 contains a DOM-based cross-site scripting vulnerability in the parse function that allows attackers to execute arbitrary JavaScript by delivering a crafted JSON payload containing a malicious constructor-name property value. The custom reviver passes the constructor name...

6.1CVSS0.00358EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/20 8:16 p.m.9 views

CVE-2026-9126

Use after free in DOM in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00396EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/20 7:12 p.m.8 views

CVE-2026-9126

Use after free in DOM in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

6.2AI score0.00396EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/20 7:12 p.m.7 views

CVE-2026-9126

Use after free in DOM in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00396EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/20 7:12 p.m.9 views

CVE-2026-9126

Use after free in DOM in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00396EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/20 7:12 p.m.36 views

CVE-2026-9126

Use after free in DOM in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

0.00396EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/20 6:0 p.m.9 views

CVE-2026-47099 TeleJSON < 6.0.0 DOM-based XSS via parse() Function

TeleJSON prior to 6.0.0 contains a DOM-based cross-site scripting vulnerability in the parse function that allows attackers to execute arbitrary JavaScript by delivering a crafted JSON payload containing a malicious constructor-name property value. The custom reviver passes the constructor name...

6.1CVSS6AI score0.00358EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/20 6:0 p.m.7 views

CVE-2026-47099

TeleJSON prior to 6.0.0 contains a DOM-based cross-site scripting vulnerability in the parse function that allows attackers to execute arbitrary JavaScript by delivering a crafted JSON payload containing a malicious constructor-name property value. The custom reviver passes the constructor name...

6.1CVSS6AI score0.00358EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/05/20 2:23 p.m.10 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

9.8CVSS5.7AI score0.00309EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/20 2:23 p.m.11 views

firefox: thunderbird: Use-after-free in the DOM: Core & HTML component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Core & HTML component...

7.5CVSS5.7AI score0.00586EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/20 7:37 a.m.12 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

9.8CVSS5.7AI score0.00309EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/20 7:37 a.m.9 views

firefox: thunderbird: Incorrect boundary conditions in the DOM: Device Interfaces component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the DOM: Device Interfaces component...

6.5CVSS5.7AI score0.00231EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/20 7:37 a.m.8 views

firefox: thunderbird: Use-after-free in the DOM: Core & HTML component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the DOM: Core & HTML component...

7.5CVSS5.7AI score0.00586EPSS
Exploits0References6
Rows per page
Query Builder