Lucene search
K

3777 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/04 11:5 p.m.6 views

CVE-2026-11169

Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted XML file. Chromium security severity: Medium...

6AI score0.00211EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/06/04 11:5 p.m.7 views

CVE-2026-11166

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6.8CVSS5.6AI score0.00205EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/04 11:5 p.m.8 views

CVE-2026-11166

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00205EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/06/04 11:5 p.m.7 views

CVE-2026-11122

Inappropriate implementation in Keyboard in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6.1CVSS5.6AI score0.00159EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.32 views

CVE-2026-11122

Inappropriate implementation in Keyboard in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

0.00159EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:4 p.m.22 views

CVE-2026-11034

The CVE-2026-11034 entry affects Google Chrome on Android, specifically the Tab Group Sync feature. The issue is insufficient validation of untrusted input, allowing a remote attacker to inject arbitrary scripts or HTML (UXSS) via malicious network traffic. Affects Chrome versions before 149.0.78...

6.1CVSS6AI score0.00182EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability, which was caused by improper XML implementation. Remote attackers could inject arbitrary scripts or HTML through specially crafted HTML pag...

6.1CVSS5.5AI score0.00159EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.6 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability, which was caused by improper SVG implementation. A remote attacker could inject arbitrary scripts or HTML through a specially crafted HTML page...

6.8CVSS5.5AI score0.00205EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.6 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability, which was caused by improper implementations in the Keyboard component. Remote attackers could inject arbitrary scripts or HTML through specially crafted HT...

6.1CVSS5.5AI score0.00159EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.13 views

PT-2026-46649

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Keyboard component allows a remote attacker to perform Universal Cross-Site Scripting UXSS, which is the ability to execute scripts across differe...

9.6CVSS6.1AI score0.00985EPSS
Exploits0References437
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.8 views

PT-2026-46713

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in CSS allows a remote attacker to perform Universal Cross-Site Scripting UXSS, which is the ability to execute scripts across different origins, by usin...

9.6CVSS6.1AI score0.00985EPSS
Exploits0References434
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.7 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation errors. This vulnerability stemmed from insufficient validation of untrusted inputs during the tag group synchronization process. It could allow...

6.1CVSS6AI score0.00182EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/18 2:27 p.m.23 views

CVE-2025-67202

A flaw was found in Sidekiq-cron, an open-source scheduling add-on for Sidekiq. A remote attacker could exploit this cross-site scripting XSS vulnerability by injecting malicious scripts into a crafted URL. When this URL is rendered from cron.erb, the attacker's script would execute in the victim...

6.1CVSS5.7AI score0.00194EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.12 views

CVE-2026-8539

Script injection in SanitizerAPI in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

5.4CVSS6AI score0.00159EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.10 views

PT-2026-41068

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.168 Description Script injection in the SanitizerAPI allows a remote attacker to inject arbitrary scripts or HTML, leading to Universal Cross-Site Scripting UXSS, which is a vulnerability...

8.8CVSS6.1AI score0.00498EPSS
Exploits0References83
SUSE CVE
SUSE CVE
added 2026/05/08 2:26 a.m.7 views

SUSE CVE-2026-7939

Inappropriate implementation in SanitizerAPI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS5.9AI score0.00165EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/06 9:31 p.m.7 views

EUVD-2026-27981

Inappropriate implementation in SanitizerAPI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS6AI score0.00165EPSS
Exploits0References3
NVD
NVD
added 2026/05/06 7:16 p.m.6 views

CVE-2026-7939

Inappropriate implementation in SanitizerAPI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS0.00165EPSS
Exploits0References2
CVE
CVE
added 2026/05/06 6:12 p.m.16 views

CVE-2026-7953

CVE-2026-7953 describes UXSS in Google Chrome due to insufficient validation of untrusted input in the Omnibox. Affects Chrome versions prior to 148.0.7778.96; exploitation would require malicious network traffic to inject scripts/HTML. The linked PT-2026-38146 and OSV/NVD entries confirm the sam...

6.1CVSS6AI score0.00171EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.9 views

Google Chrome 跨站脚本漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 had a cross-site scripting vulnerability. This vulnerability stemmed from improper implementation of MHTML, and it could allow remote attackers to inject arbitrary scripts or HTML through...

5.4CVSS5.8AI score0.00139EPSS
Exploits0References3
Rows per page
Query Builder