Lucene search
K

10 matches found

CVE
CVE
added 2026/06/30 10:39 p.m.12 views

CVE-2026-14050

Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-14050.

6.5CVSS5.8AI score0.00247EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.24 views

CVE-2026-14050

Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

0.00247EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-13937

Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00288EPSS
Exploits0
NVD
NVD
added 2026/06/19 10:16 p.m.17 views

CVE-2026-56080

Capgo before 12.128.2 contains a flaw in the Enforce Password Policy feature: after a Super Admin enables the policy and successfully changes their password to a compliant one, the backend does not update the password-compliance state. As a result, the backend continues to treat the account as...

6.9CVSS0.00299EPSS
Exploits0References2
OSV
OSV
added 2026/06/09 12:16 a.m.6 views

DEBIAN-CVE-2026-11689

Insufficient policy enforcement in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

8.1CVSS5.4AI score0.00218EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/15 7:4 p.m.4 views

CVE-2026-6312

Insufficient policy enforcement in Passwords in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00219EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 11:22 p.m.4 views

CVE-2022-45635

An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker to gain access to sensitive account information via insecure password policy...

7.5CVSS7AI score0.00783EPSS
Exploits2References1
OSV
OSV
added 2019/04/02 2:29 p.m.3 views

CVE-2018-1680

IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 145236...

7.5CVSS5.8AI score0.01484EPSS
Exploits0References2
CNVD
CNVD
added 2017/06/15 12:0 a.m.6 views

IBM BigFix Security Compliance Analytics Weak Default Password Vulnerability

IBM BigFix Security Compliance Analytics is a suite of systems management software from IBM in the United States. The software provides remote control, patch management, software distribution, operating system deployment, network access protection and other functions. A security vulnerability...

9.8CVSS7AI score0.01661EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2014/10/01 6:10 p.m.7 views

CXF: UsernameTokens are sent in plaintext with a Symmetric EncryptBeforeSigning policy

It was discovered that UsernameTokens were sent in plain text by an Apache CXF client that used a Symmetric EncryptBeforeSigning password policy. A man-in-the-middle attacker could use this flaw to obtain the user name and password used by the client application using Apache CXF...

4.3CVSS7.3AI score0.07053EPSS
Exploits0References4
Rows per page
Query Builder