Lucene search
K

25292 matches found

CVE
CVE
added 4 days ago9 views

CVE-2026-38059

The CVE-2026-38059 entry concerns iDirect iQ200 devices where the /api/identity and /api/ REST endpoints are exposed without authentication. An unauthenticated attacker with network access can retrieve sensitive device data including serial number, Device ID (DID), Terminal Private Key (TPK) iden...

8.7CVSS6.1AI score0.00592EPSS
Exploits0References3
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42908

The iDirect iQ200 exposes the /api/identity and /api/ REST API endpoints without authentication. An unauthenticated attacker with network access can retrieve sensitive device information including the serial number, Device ID DID, Terminal Private Key identifier TPK, MAC address, and exact firmwa...

8.7CVSS6.1AI score0.00592EPSS
Exploits0References3
NVD
NVD
added 5 days ago6 views

CVE-2026-0275

A local privilege escalation vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated administrator with access to the macOS local filesystem to perform actions on the device with root privileges. This issue only affects Prisma® Browser on macOS...

5.4CVSS0.0011EPSS
Exploits0References1
CVE
CVE
added 5 days ago11 views

CVE-2026-0275

Prisma Browser on macOS is affected by a Local Privilege Escalation vulnerability. An administratively authenticated user with access to the macOS local filesystem can perform actions with root privileges, impacting the device’s security. The CVSS metrics indicate LOCAL attack vector, HIGH privil...

5.4CVSS6AI score0.0011EPSS
Exploits0References1
EUVD
EUVD
added 5 days ago8 views

EUVD-2026-42691

A local privilege escalation vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated administrator with access to the macOS local filesystem to perform actions on the device with root privileges. This issue only affects Prisma® Browser on macOS...

5.4CVSS6AI score0.0011EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 5 days ago6 views

CVE-2026-0275

A local privilege escalation vulnerability in Palo Alto Networks Prisma® Browser allows a locally authenticated administrator with access to the macOS local filesystem to perform actions on the device with root privileges. This issue only affects Prisma® Browser on macOS...

5.4CVSS6AI score0.0011EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 6 days ago5 views

Improper Handling of Unicode Encoding

Overview Affected versions of this package are vulnerable to Improper Handling of Unicode Encoding in the process that applies exclusion directives from MANIFEST.in due to improper Unicode normalization handling on macOS APFS or HFS+ filesystems. An attacker can cause unintended files to be...

6.9CVSS6.1AI score0.00269EPSS
Exploits1References2
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-59890 setuptools: MANIFEST.in exclusion bypass in sdist via Unicode normalization collision (NFC/NFD) on macOS APFS/HFS+

setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. Prior to 83.0.0, FileList applied MANIFEST.in exclude, global-exclude, recursive-exclude, and prune directives by matching compiled glob patterns against on-disk file names without Unico...

6.1CVSS0.00269EPSS
Exploits1References3
Google Chrome Security Advisories
Google Chrome Security Advisories
added 6 days ago8 views

Stable Channel Update for Desktop

The Stable channel has been updated to 150.0.7871.114/.115 for Windows and Mac and 150.0.7871.114 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept...

9.6CVSS5.9AI score0.00306EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/07/06 6:30 a.m.37 views

CVE-2026-14802 react create-react-app react-dev-utils openBrowser.js startBrowserProcess os command injection

A vulnerability was detected in react create-react-app up to 5.0.1 on macOS. This affects the function startBrowserProcess of the file openBrowser.js of the component react-dev-utils. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible. The...

7.5CVSS0.01324EPSS
Exploits0References6
NVD
NVD
added 2026/07/04 9:16 a.m.9 views

CVE-2026-14621

A vulnerability has been found in FederatedAI FATE up to 2.2.0. This affects the function QueuePushReqStreamObserver.initEggroll of the file java/osx/osx-broker/src/main/java/org/fedai/osx/broker/grpc/QueuePushReqStreamObserver.java of the component OSX Broker. Such manipulation of the argument...

3.1CVSS0.00299EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/02 12:31 a.m.8 views

EUVD-2026-41199

Use after free in Dawn in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00215EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/02 12:31 a.m.8 views

EUVD-2026-41155

Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

6.1AI score0.00327EPSS
Exploits0References3
OSV
OSV
added 2026/07/01 11:16 p.m.3 views

DEBIAN-CVE-2026-14397

Out of bounds write in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 11:16 p.m.8 views

CVE-2026-14397

Out of bounds write in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS0.00253EPSS
Exploits0References2
OSV
OSV
added 2026/07/01 11:16 p.m.2 views

DEBIAN-CVE-2026-14385

Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.1AI score0.00327EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 11:16 p.m.6 views

CVE-2026-14385

Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00327EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/01 10:22 p.m.7 views

CVE-2026-14424

Use after free in Dawn in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00215EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/07/01 10:22 p.m.4 views

CVE-2026-14424

Use after free in Dawn in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00215EPSS
Exploits0
CVE
CVE
added 2026/07/01 10:22 p.m.29 views

CVE-2026-14424

CVE-2026-14424 affects Dawn in Google Chrome on macOS prior to 150.0.7871.46. A use-after-free vulnerability in Dawn could allow a remote attacker to potentially escape the sandbox via a crafted HTML page, with Chromium severity listed as High. The available documents consistently describe the tr...

9.6CVSS5.8AI score0.00215EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder