Lucene search
K

1247 matches found

SUSE CVE
SUSE CVE
added 2026/06/07 4:40 a.m.8 views

SUSE CVE-2026-11258

Inappropriate implementation in File System Access in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.5AI score0.00201EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/06/05 2:0 p.m.11 views

Chromium: CVE-2026-11258 Inappropriate implementation in File System Access

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.4AI score0.00201EPSS
Exploits0
NVD
NVD
added 2026/06/05 12:17 a.m.12 views

CVE-2026-11258

Inappropriate implementation in File System Access in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

6.5CVSS0.00201EPSS
Exploits0References2
OSV
OSV
added 2026/06/05 12:17 a.m.4 views

DEBIAN-CVE-2026-11258

Inappropriate implementation in File System Access in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.5AI score0.00201EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 11:6 p.m.7 views

CVE-2026-11258

Inappropriate implementation in File System Access in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

5.5AI score0.00201EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/04 11:6 p.m.7 views

CVE-2026-11258

Inappropriate implementation in File System Access in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.5AI score0.00201EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/06/04 11:6 p.m.10 views

CVE-2026-11258

Inappropriate implementation in File System Access in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.5AI score0.00201EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/04 11:6 p.m.41 views

CVE-2026-11258

Inappropriate implementation in File System Access in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

0.00201EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2026/06/04 11:19 a.m.16 views

FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads

Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell. According to Palo Alto Networks Unit 42, the campaign is said to be the next stage of a previously reported activity cluster dubbed...

6.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.15 views

PT-2026-46785

Inappropriate implementation in File System Access in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00201EPSS
Exploits0References3
OSV
OSV
added 2026/05/31 12:0 a.m.39 views

RLSA-2026:21745 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr...

7.8CVSS6.6AI score0.00514EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.15 views

HP LaserJet Printers Path Traversal (CVE-2010-4107)

The default configuration of the PJL Access value in the File System External Access settings on HP LaserJet MFP printers, Color LaserJet MFP printers, and LaserJet 4100, 4200, 4300, 5100, 8150, and 9000 printers enables PJL commands that use the device's filesystem, which allows remote attackers...

7.8CVSS6AI score0.1313EPSS
Exploits14References10
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in WebKit2GTK

The issue was resolved by improving access restrictions to the file system. This issue is fixed in Safari 18.3, iOS 18.3, iPadOS 18.3, macOS Sequoia 15.3, and visionOS 2.3. A maliciously crafted webpage may be able to obtain user fingerprints...

6.5CVSS6.9AI score0.00798EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/20 12:0 a.m.8 views

Dell SmartFabric Storage Software 命令注入漏洞

Dell SmartFabric Storage Software is an independent storage software solution provided by the American company Dell. Versions of Dell SmartFabric Storage Software prior to 1.4.5 contained a command injection vulnerability. This vulnerability stemmed from improper handling of special elements with...

6.7CVSS5.8AI score0.00451EPSS
Exploits0References1
OSV
OSV
added 2026/05/18 10:6 a.m.9 views

MAL-2026-3829 Malicious code in pyenvprep (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 963727b60e7fa8536050eb0f4691dc8bec6089567630063305d05ddceb4834cd Package contains code to silently execute a RAT-like agent, allowing the attacker to access the file system and execute arbitrary code. --- Category: MALICIOUS...

6.2AI score
Exploits0References1
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.8 views

Grafana OSS 安全漏洞

Grafana OSS is an open-source visualization dashboard developed by Grafana. There is a security vulnerability in Grafana OSS, which stems from vulnerabilities in SQL expressions. This vulnerability could allow authenticated attackers to read arbitrary files from the Grafana server’s file system...

6.3CVSS6AI score0.00262EPSS
Exploits0References1
OSV
OSV
added 2026/05/06 8:59 p.m.6 views

GHSA-X597-9FR4-5857 Hugo's Node tool execution allows file system access outside the project directory

Impact When building a Hugo site that uses Node-based asset pipelines PostCSS, Babel, TailwindCSS, Hugo invoked the configured Node tools without restrictions on file system access. As a result, executing hugo against an untrusted site could allow code running through these tools to read or write...

8.6CVSS5.8AI score0.00274EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.12 views

Luanti 代码注入漏洞

Luanti is an open-source voxel game engine developed by Luanti itself, supporting mods and game creation. Versions of Luanti from 5.0.0 to 5.15.2 had a code injection vulnerability. This vulnerability stemmed from the ability of malicious mods to escape the sandbox Lua environment, potentially...

10CVSS6.3AI score0.00374EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/21 12:0 a.m.14 views

PT-2026-34037

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.5, ClearanceKit incorrectly treats a process with an empty Team ID and a non-empty Signing ID as an Apple platform binary. This bug allows a malicious software to impersonate an apple...

8.4CVSS5.8AI score0.00134EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.12 views

excel-mcp-server 路径遍历漏洞

excel-mcp-server is an Excel file operation server developed by Haris, a personal developer. It supports the creation, reading, and modification of workbooks. Versions of excel-mcp-server prior to 0.1.7 have a path traversal vulnerability. This vulnerability stems from the getexcelpath function n...

9.4CVSS5.8AI score0.00391EPSS
Exploits0References1
Rows per page
Query Builder