Lucene search
K

739 matches found

NVD
NVD
added 2026/06/30 11:17 p.m.5 views

CVE-2026-13990

Insufficient validation of untrusted input in DataTransfer in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00194EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.2 views

DEBIAN-CVE-2026-13944

Inappropriate implementation in DataTransfer in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

3.1CVSS5.8AI score0.00174EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.5 views

CVE-2026-13944

Inappropriate implementation in DataTransfer in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

3.1CVSS0.00174EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:17 p.m.11 views

CVE-2026-13874

Race in DataTransfer in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS0.00198EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:38 p.m.16 views

CVE-2026-13990

CVE-2026-13990 affects Google Chrome on Windows, where insufficient validation of untrusted input in DataTransfer can allow a renderer-priviliged attacker to spoof UI via a crafted HTML page. The vulnerability arises from improper input handling in DataTransfer that enables UI spoofing when an at...

6.5CVSS5.8AI score0.00194EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.23 views

CVE-2026-13990

Insufficient validation of untrusted input in DataTransfer in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

0.00194EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.24 views

CVE-2026-13944

Inappropriate implementation in DataTransfer in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

0.00174EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-13874

Race in DataTransfer in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.00198EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:38 p.m.135 views

CVE-2026-13874

CVE-2026-13874 describes a race in DataTransfer in Google Chrome (Chromium) prior to version 150.0.7871.47 that could allow a remote attacker to read potentially sensitive information from a process’s memory via a crafted HTML page. The issue is a data race in the DataTransfer pathway, with a net...

5.3CVSS5.8AI score0.00198EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.4 views

PT-2026-54151

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A race condition in the DataTransfer component allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Recommendations...

9.6CVSS6AI score0.00413EPSS
Exploits0References438
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.4 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure that the reference to the DMA master OF node is also removed during late route allocation failures...

5.5CVSS6AI score0.00183EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

A stack buffer overflow in the Data Transfer component of Google Chrome on Linux, prior to version 88.0.4324.182, allowed a remote attacker to perform out-of-bounds memory access through a crafted HTML page...

8.8CVSS8.1AI score0.01468EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/13 12:34 a.m.12 views

EUVD-2026-36606

An attacker could cooperatively pass data from one secure GPU process to another secure GPU process through shared secure memory allocations in the kernel module. Additionally, an attacker could disrupt the operation of another secure GPU process leading to image corruption / GPU hardware recover...

5.4AI score0.00106EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/07 5:7 a.m.10 views

CVE-2026-11161

An insufficient data validation flaw was found in the DataTransfer component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=501920294...

7.4CVSS5.4AI score0.00152EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.11 views

CVE-2026-42467

An issue was discovered in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe 2025-11-30 in SAEJ1939ReadBinaryDataTransferDM16 causing a denial of service via crafted CAN frame on the J1939 bus...

7.5CVSS5.5AI score0.00268EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.10 views

CVE-2025-36180

IBM watsonx.data 2.2 through 2.3 IBM Lakehouse does not properly restrict communication between pods which could allow an attacker to transfer data between pods without restrictions...

7.5CVSS5.4AI score0.00186EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:14 p.m.14 views

CVE-2026-37537

collin80/Open-SAE-J1939 thru commit 744024d4306bc387857dfce439558336806acb06 2023-03-08 contains an integer underflow leading to out-of-bounds write in Transport Protocol Data Transfer handling. At line 23: uint8t index = data0 - 1. When data0 sequence number from CAN frame is 0, index underflows...

8.1CVSS5.7AI score0.0022EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 11:17 p.m.8 views

CVE-2026-11161

Inappropriate implementation in DataTransfer in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00152EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 11:17 p.m.5 views

DEBIAN-CVE-2026-11161

Inappropriate implementation in DataTransfer in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.5AI score0.00152EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 11:5 p.m.6 views

CVE-2026-11161

Inappropriate implementation in DataTransfer in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00152EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder