250 matches found
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : curl vulnerabilities (USN-8487-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8487-1 advisory. Andrew Nesbitt discovered that curl could reuse an existing live connecti...
EUVD-2026-40707
Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-40697
Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-40622
Inappropriate implementation in Passwords in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-40600
Inappropriate implementation in Passwords in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...
EUVD-2026-40504
Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...
CVE-2026-13936
Inappropriate implementation in Passwords in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13914
Inappropriate implementation in Passwords in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...
CVE-2026-14019
CVE-2026-14019 : Google Chrome contains an inappropriate implementation in Passwords that, before version 150.0.7871.47, enables a remote attacker to leak cross-origin data via a crafted HTML page. The vulnerability is categorized with a Medium Chromium severity; attack vector is network, with us...
CVE-2026-14009
The vulnerability CVE-2026-14009 affects Google Chrome (Passwords component) due to an inappropriate implementation, enabling remote exploitation to potentially cause heap corruption via a crafted HTML page. Affected builds are prior to 150.0.7871.47; the issue is described with a Chromium severi...
CVE-2026-13936
Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-13936 for new information, and potential remediation guidance.
CVE-2026-13936
Inappropriate implementation in Passwords in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13914
The CVE-2026-13914 entry concerns Google Chrome on macOS with an insecure implementation in Password handling that could allow a local attacker to read potentially sensitive data from process memory via a malicious file. Affected software is Chrome for macOS; the issue is tied to versions prior t...
USN-8487-1: curl vulnerabilities
Andrew Nesbitt discovered that curl could reuse an existing live connection during STARTTLS-based connection upgrades even when the TLS configuration did not match. A remote attacker could possibly use this issue to cause curl to use an unintended TLS configuration. CVE-2026-8286 Muhamad Arga...
PT-2026-54236
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Passwords component allows a remote attacker to perform UI spoofing, which is the act of mimicking a legitimate user interface to deceive users, b...
PT-2026-54191
Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 150.0.7871.47 Description An inappropriate implementation in the Passwords component allows a local attacker to obtain potentially sensitive information from process memory by using a malicious file...
PT-2026-54095
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Passwords component allows a remote attacker to bypass navigation restrictions by using a crafted HTML page. Recommendations Update Google Chrome ...
PT-2026-53759
Name of the Vulnerable Software and Affected Versions Dgraph versions prior to 25.3.4 Description The checkUserPassword GraphQL query is susceptible to DQL Dgraph Query Language injection. This occurs because user-supplied password values are interpolated directly into a DQL checkpwd query using...
Chromium: CVE-2026-13034 Inappropriate implementation in Passwords
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-12446 Insufficient data validation in Passwords
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...