Lucene search
K

317 matches found

Positive Technologies
Positive Technologies
added 3 days ago6 views

PT-2026-57918

Name of the Vulnerable Software and Affected Versions Crypt::OpenSSL::X509 versions prior to 2.1.3 Description A heap out-of-bounds read occurs when processing a long certificate extension Object Identifier OID in hv exts. This happens during the construction of the extension hash through the...

6.1AI score0.00222EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-14142

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform...

5.4CVSS6.2AI score0.00173EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.9 views

Google Chrome < 150.0.7871.46 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 150.0.7871.46. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop0175352312 advisory. - Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed...

10CVSS6.5AI score0.00479EPSS
Exploits0References867
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-14111

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebProtect in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute...

8.1CVSS6.4AI score0.00306EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-14142

Inappropriate implementation in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.4CVSS0.00173EPSS
Exploits0References2
CNVD
CNVD
added 2026/06/30 12:0 a.m.4 views

Google Chrome Input Validation Vulnerability (CNVD-2026-26522)

Google Chrome is a cross-platform web browser developed by Google Inc. of the United States. There is a security vulnerability in Google Chrome. This vulnerability stems from improper implementations in extensions. Attackers can exploit this vulnerability to bypass the origin policy using a...

4.2CVSS5.9AI score0.00137EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/18 1:59 a.m.11 views

SUSE CVE-2026-12457

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

4.2CVSS5.2AI score0.00136EPSS
Exploits0References3
NVD
NVD
added 2026/06/11 10:16 p.m.14 views

CVE-2026-12017

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

3.1CVSS0.00208EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.12 views

PT-2026-47479

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description An inappropriate implementation in Extensions allows a remote attacker who has compromised the renderer process to bypass site isolation using a crafted HTML page. Site isolation is a...

9.6CVSS6AI score0.01654EPSS
Exploits4References85
Microsoft CVE
Microsoft CVE
added 2026/06/05 2:0 p.m.13 views

Chromium: CVE-2026-11308 Inappropriate implementation in Extensions

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.3CVSS5.4AI score0.00099EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/05 2:0 p.m.11 views

Chromium: CVE-2026-11020 Inappropriate implementation in Extensions

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.4AI score0.00221EPSS
Exploits0
EUVD
EUVD
added 2026/06/05 12:31 a.m.10 views

EUVD-2026-34475

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

5.8AI score0.00166EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-11190

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to...

6.5CVSS5.4AI score0.00165EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 11:17 p.m.11 views

DEBIAN-CVE-2026-11048

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. Chromium security severity: Medium...

6.5CVSS5.4AI score0.00158EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 11:6 p.m.46 views

CVE-2026-11308

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a crafted Chrome Extension. Chromium security severity: Low...

0.00099EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:4 p.m.8 views

CVE-2026-11026

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

6.5CVSS5.4AI score0.00166EPSS
Exploits0
CVE
CVE
added 2026/06/04 11:4 p.m.39 views

CVE-2026-11020

CVE-2026-11020 concerns Google Chrome (Chromium-based) extensions. The initial description and connected advisories confirm an inappropriate implementation in Extensions that could allow a remote attacker to leak cross-origin data via a crafted XML file. The vulnerability is tied to Chrome versio...

6.5CVSS5.8AI score0.00221EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/03 6:16 p.m.17 views

CVE-2026-8888

The CVE-2026-8888 entry applies to the Securly Chrome Extension (v3.0.7). It downloads config.json over HTTP and compiles server-provided patterns as JavaScript regular expressions via new RegExp() without complexity validation, enabling an on-path attacker to inject patterns that cause catastrop...

7.5CVSS5.8AI score0.00432EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/03 6:13 p.m.17 views

CVE-2026-8881

The CVE-2026-8881 entry affects the Securly Chrome Extension (version 3.0.7). It relies on EVP_BytesToKey with MD5 and a single iteration for AES encryption. The description notes that MD5 has been broken since 2004 and a single iteration provides no key stretching, which weakens the cryptographi...

7.5CVSS5.7AI score0.00163EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability caused by improper implementations in extension components. Attackers could exploit this vulnerability by using specially crafted Chrome...

6.5CVSS5.8AI score0.00158EPSS
Exploits0References3
Rows per page
Query Builder