Lucene search
K

20148 matches found

Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-54166

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description Side-channel information leakage in WebAuthentication allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Side-channel information leakage...

9.6CVSS6AI score0.00413EPSS
Exploits0References446
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-54084

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description A use after free issue exists in the Import component. This occurs when a remote attacker convinces a user to perform specific UI gestures, potentially leading to arbitrary code...

9.6CVSS6.6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.11 views

PT-2026-54374

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description A use after free issue exists where a remote attacker can potentially exploit heap corruption via a crafted HTML page. This occurs when a user is convinced to perform specific UI...

9.6CVSS6AI score0.00413EPSS
Exploits0References446
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.8 views

PT-2026-54089

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input allows a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. This occurs when a user is convinced to...

9.8CVSS6.2AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-54054

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the iOSWeb component allows a remote attacker to potentially cause heap corruption, which occurs when memory in the heap area is...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.8 views

PT-2026-54120

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. A...

9.8CVSS6.2AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54195

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description A use after free issue exists where a remote attacker could potentially exploit heap corruption by inducing the browser to process a crafted HTML page. Use after free is a memory...

9.8CVSS6AI score0.00413EPSS
Exploits0References445
NVD
NVD
added 2026/06/29 8:17 p.m.8 views

CVE-2026-43706

A double free issue was addressed with improved memory management. This issue is fixed in iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash...

6.5CVSS0.00182EPSS
Exploits0References2
CVE
CVE
added 2026/06/29 7:43 p.m.18 views

CVE-2026-43706

CVE-2026-43706 is a memory-management defect (double free) in libxslt affecting macOS Tahoe 26.5.2, iOS 26.5.2, and iPadOS 26.5.2. The root cause is a double-free in processing malicious web content, which may cause an unexpected process crash. Apple lists libxslt as the vulnerable component with...

6.5CVSS5.8AI score0.00182EPSS
Exploits0References2Affected Software3
NVD
NVD
added 2026/06/29 3:16 p.m.12 views

CVE-2026-55844

Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2025.5.0, The iOS companion app ignores the SSID allowlist for internal networks. The app uses SSID to detect when to use the internal URL, but whenever the app cannot find any other URL to ...

7.5CVSS0.00161EPSS
Exploits0References1
CVE
CVE
added 2026/06/29 2:19 p.m.24 views

CVE-2026-55844

The Home Assistant iOS companion app prior to 2025.5.0 ignores the SSID allowlist for internal networks. It uses SSID to decide when to use the internal URL, but if no other URL is available it falls back to the internal URL, which can expose the user’s token on unsecure networks. Affected compon...

7.5CVSS5.8AI score0.00161EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/29 2:19 p.m.5 views

CVE-2026-55844

Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2025.5.0, The iOS companion app ignores the SSID allowlist for internal networks. The app uses SSID to detect when to use the internal URL, but whenever the app cannot find any other URL to ...

7.5CVSS5.8AI score0.00161EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.11 views

PT-2026-53708

Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.5.2 iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description Improved input validation was implemented to prevent a malicious website from exfiltrating data...

4.3CVSS5.9AI score0.00205EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.10 views

PT-2026-53715

Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.5.2 iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description Processing maliciously crafted web content may lead to an unexpected Safari crash due to a stack...

6.5CVSS5.9AI score0.00284EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/29 12:0 a.m.12 views

PT-2026-53724

Name of the Vulnerable Software and Affected Versions Safari versions prior to 26.5.2 iOS versions prior to 26.5.2 iPadOS versions prior to 26.5.2 macOS Tahoe versions prior to 26.5.2 Description A path handling issue exists where processing maliciously crafted web content may disclose sensitive...

6.5CVSS5.8AI score0.00255EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.8 views

Astra Linux – Vulnerability in WebKit2GTK

This issue was addressed through improved state management. This issue is fixed in Safari 26.3, iOS 18.7.5, and iPadOS 18.7.5; iOS 26.3, and iPadOS 26.3; macOS Tahoe 26.3; and visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash...

8.8CVSS7.2AI score0.00229EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 12:17 p.m.4 views

MINI-429Q-CMCC-H4Q8

Bulletin has no description...

8.1CVSS5.7AI score0.00695EPSS
Exploits0
OSV
OSV
added 2026/06/22 6:16 p.m.6 views

UBUNTU-CVE-2026-50171

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a Denial of Service DoS vulnerability exists in the @angular/common package of Angular. The formatNumber functio...

8.2CVSS5.8AI score0.00161EPSS
Exploits0References2
OSV
OSV
added 2026/06/22 6:16 p.m.4 views

UBUNTU-CVE-2026-50555

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.16, 20.3.24, and 19.2.25, a Cross-Site Scripting XSS vulnerability exists in @angular/platform-server's DOM emulation dependency domino wh...

8.6CVSS6AI score0.00167EPSS
Exploits0References2
OSV
OSV
added 2026/06/22 6:16 p.m.4 views

UBUNTU-CVE-2026-50170

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a vulnerability was discovered in @angular/common when Server-Side Rendering SSR and hydration are enabled. The...

8.2CVSS5.8AI score0.00267EPSS
Exploits0References2
Rows per page
Query Builder