CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

41 matches found

CVE-2026-11657

Use after free in Payments in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

0.0008EPSS

Exploits0References2

Tenable Nessus•added 5 days ago•5 views

Oracle E-Business Suite (May 2026 CSPU)

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the May 2026 CSPU advisory. - Vulnerability in the Oracle iAssets product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected...

9.9CVSS5.8AI score0.00114EPSS

Exploits0References13

Vulnrichment•added 6 days ago•4 views

CVE-2026-11148

Inappropriate implementation in Payments in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00007EPSS

Exploits0References2

Debian CVE•added 6 days ago•5 views

CVE-2026-11019

Inappropriate implementation in Payments in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00025EPSS

Exploits0

NVD•added 2026/05/23 5:16 a.m.•9 views

CVE-2026-9284

The WooCommerce PayPal Payments plugin for WordPress is vulnerable to unauthorized order manipulation and information disclosure due to missing authorization checks on the ppc-create-order and ppc-get-order WC-AJAX endpoints in all versions up to, and including, 4.0.1. The ppc-create-order endpoi...

8.2CVSS0.00077EPSS

Exploits0References6

Kaspersky•added 2026/05/21 12:0 a.m.•11 views

KLA91070 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Tab Groups can be...

8.8CVSS6.6AI score0.00086EPSS

Exploits0References21

Microsoft CVE•added 2026/05/16 12:21 a.m.•12 views

Chromium: CVE-2026-8566 Insufficient policy enforcement in Payments

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.3CVSS5.8AI score0.00025EPSS

Exploits0

Kaspersky•added 2026/05/12 12:0 a.m.•11 views

KLA91044 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Denial of...

9.6CVSS6.6AI score0.00148EPSS

Exploits0References3

NVD•added 2026/05/06 7:16 p.m.•3 views

CVE-2026-7993

Insufficient validation of untrusted input in Payments in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS0.00087EPSS

Exploits0References2

Positive Technologies•added 2026/05/06 12:0 a.m.•7 views

PT-2026-38186

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.96 Description Insufficient validation of untrusted input in Payments allows a remote attacker who has compromised the renderer process to spoof the contents of the Omnibox URL bar using a...

9.6CVSS5.8AI score0.00161EPSS

Exploits0References134

CNVD•added 2026/04/16 12:0 a.m.•6 views

Google Chrome Payments Memory Misreference Vulnerability

Google Chrome is a web browser developed by Google. A memory misreference vulnerability exists in Google Chrome. The vulnerability stems from a failure of the Payments component for Android to properly handle memory objects, which can be exploited by an attacker to execute arbitrary code by...

7.5CVSS6.2AI score0.0005EPSS

Exploits0

Positive Technologies•added 2026/04/02 12:0 a.m.•2 views

PT-2026-33157

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 147.0.7727.101 Description A use after free issue in Payments allows a remote attacker to execute arbitrary code via a crafted HTML page if a user is convinced to perform specific UI gestures. Use aft...

9.6CVSS6.2AI score0.00056EPSS

Exploits0References39

Positive Technologies•added 2025/12/31 12:0 a.m.•4 views

PT-2025-54388

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Digages Direct Payments WP allows Retrieve Embedded Sensitive Data.This issue affects Direct Payments WP: from n/a through 1.3.0...

4.3CVSS6.9AI score0.0001EPSS

Exploits0References2

Tenable Nessus•added 2025/11/20 12:0 a.m.•2 views

Google Chrome < 83.0.4103.88 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 83.0.4103.88. It is, therefore, affected by multiple vulnerabilities as referenced in the 202006stable-channel-update-for-desktop advisory. - Use after free in payments in Google Chrome on MacOS prior to 83.0.4103.97...

9.6CVSS7.6AI score0.01637EPSS

Exploits0References13