37 matches found
SUSE CVE-2026-11161
Inappropriate implementation in DataTransfer in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
Chromium: CVE-2026-11161 Insufficient data validation in DataTransfer
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
EUVD-2026-34622
Inappropriate implementation in DataTransfer in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11161
Inappropriate implementation in DataTransfer in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability, which was caused by improper implementation of the DataTransfer mechanism. This vulnerability could allow remote attackers to exploit the system by using...
PT-2026-46688
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in DataTransfer allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Recommendations Update to version 149.0.7827.5...
Chromium: CVE-2026-8516 Insufficient validation of untrusted input in DataTransfer
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-8516
Insufficient validation of untrusted input in DataTransfer in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity:...
EUVD-2026-30427
Insufficient validation of untrusted input in DataTransfer in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity:...
CVE-2026-8516
CVE-2026-8516 affects Google Chrome (pre-148.0.7778.168) where insufficient validation of untrusted input in DataTransfer could allow a remote attacker to obtain potentially sensitive information from process memory. The attack requires convincing a user to perform specific UI gestures via a craf...
CVE-2026-8516
Insufficient validation of untrusted input in DataTransfer in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity:...
PT-2026-41045
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description Insufficient validation of untrusted input in DataTransfer allows a remote attacker to obtain potentially sensitive information from process memory. This occurs when a user is convince...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient validation of untrusted inputs in the DataTransfer component. It could allow remote attacke...
KLA91044 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Denial of...
Linux Distros Unpatched Vulnerability : CVE-2026-7989
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perfo...
CVE-2026-7989
Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...
PT-2026-38182
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient data validation in DataTransfer allows a remote attacker who has compromised the renderer process to perform arbitrary read and write operations via a crafted HTML page...
EUVD-2025-0072
Malicious code in bioql PyPI...
Mediawiki - DataTransfer Extension Cross-Site Request Forgery (CSRF) and Cross-site Scripting (XSS)
Cross-Site Request Forgery CSRF, Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - DataTransfer Extension allows Cross Site Request Forgery, Cross-Site Scripting XSS.This issue affects Mediawiki - DataTransf...
GHSA-C3H5-H73C-29HQ Mediawiki - DataTransfer Extension Cross-Site Request Forgery (CSRF) and Cross-site Scripting (XSS)
Cross-Site Request Forgery CSRF, Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - DataTransfer Extension allows Cross Site Request Forgery, Cross-Site Scripting XSS.This issue affects Mediawiki - DataTransf...