9 matches found
SUSE CVE-2026-12032
Inappropriate implementation in Passwords in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
EUVD-2026-34386
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-11209
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11209
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-9377
SEPPmail Secure Email Gateway before version 15.0.1 insufficiently neutralizes the PDF encryption password, allowing OS command execution...
CVE-2026-24038 Horilla HR has 2FA Bypass through its OTP Handling Logic
Horilla is a free and open source Human Resource Management System HRMS. In version 1.4.0, the OTP handling logic has a flawed equality check that can be bypassed. When an OTP expires, the server returns None, and if an attacker omits the otp field from their POST request, the user-supplied OTP i...
CVE-2025-11786
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'SetUserPassword' function, the 'newPassword' parameter is directly embedded in a shell command string using 'sprintf' without any sanitisation or validation, and then executed using 'system'. This allows a...
PT-2025-48765
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 143.0.7499.41 Description An issue existed in the Passwords feature of Google Chrome that allowed a local attacker to bypass authentication with physical access to the device. The security severity was rated as...
IBM WebSphere Application Server Information Disclosure Vulnerability (CNVD-2018-24363)
IBM Cloud is a set of open-standard cloud platforms from IBM in the U.S. WebSphere Application Server is one of the application server products, which is a platform for Java EE and Web service applications, and the foundation of the IBM WebSphere software platform. A security vulnerability exists...