Lucene search
K

20491 matches found

NVD
NVD
added yesterday6 views

CVE-2026-12167

The Minifilter communication port for driver GFACSysx64.sys in Little Orbit GFAC allows a local attacker to access privileged driver functionality via a communication interface that lacks appropriate access restrictions...

7.8CVSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-12167

The Minifilter communication port for driver GFACSysx64.sys in Little Orbit GFAC allows a local attacker to access privileged driver functionality via a communication interface that lacks appropriate access restrictions...

7.8CVSS5.8AI score
Exploits0References4
Nuclei
Nuclei
added yesterday25 views

Vite server.fs.deny Bypass - Local File Inclusion

Vite is a frontend tooling framework for javascript. The contents of arbitrary files can be returned to the browser. By adding ?.svg with ?.wasm?init or with sec-fetch-dest- script header, the server.fs.deny restriction was able to bypass. This bypass is only possible if the file is smaller than...

5.3CVSS6.8AI score0.35194EPSS
Exploits7References5
Nuclei
Nuclei
added yesterday69 views

Oracle Weblogic - Server-Side Request Forgery

An unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect confidentiality via vectors related to WLS - Web Services. id: CVE-2014-4210 info: name: Oracle Weblogic - Server-Side Request Forgery author:...

5CVSS7.4AI score0.38152EPSS
Exploits8References5
RedhatCVE
RedhatCVE
added 2 days ago6 views

CVE-2026-56377

A flaw in ImageMagick’s policy enforcement allows remote attackers to bypass path restrictions within sandboxed conversion services. By circumventing these controls, an attacker can create or truncate files outside permitted security boundaries, leading to unauthorized file manipulation. Mitigati...

4.8CVSS5.9AI score0.00175EPSS
Exploits0References5
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-40504

Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00272EPSS
Exploits0References3
NVD
NVD
added 3 days ago6 views

CVE-2026-56377

ImageMagick before 7.1.2-24 contains an incorrect policy check that allows attackers to create or truncate files disallowed by security policies. Remote attackers can bypass path policy restrictions in sandboxed conversion services to write arbitrary files outside intended boundaries...

4.8CVSS0.00175EPSS
Exploits0References2
NVD
NVD
added 3 days ago7 views

CVE-2026-56233

Capgo before 12.128.2 contains a path traversal vulnerability in the builder upload proxy that allows authenticated users with build permissions to bypass upload restrictions. Attackers can append traversal sequences to the upload path, which are normalized by the WHATWG URL parser, enabling acce...

8.7CVSS0.00451EPSS
Exploits0References2
OSV
OSV
added 3 days ago2 views

DEBIAN-CVE-2026-14054

Insufficient policy enforcement in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.0023EPSS
Exploits0References1
NVD
NVD
added 3 days ago5 views

CVE-2026-14054

Insufficient policy enforcement in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

4.3CVSS0.0023EPSS
Exploits0References2
NVD
NVD
added 3 days ago5 views

CVE-2026-13974

Integer overflow in Safe Browsing in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a malicious file. Chromium security severity: Medium...

8.1CVSS0.00203EPSS
Exploits0References2
OSV
OSV
added 3 days ago2 views

DEBIAN-CVE-2026-13964

Insufficient policy enforcement in WebView in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.0022EPSS
Exploits0References1
OSV
OSV
added 3 days ago2 views

DEBIAN-CVE-2026-13929

Insufficient policy enforcement in DevTools in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to bypass navigation restrictions via a malicious file. Chromium security severity: Medium...

5.5CVSS5.8AI score0.00131EPSS
Exploits0References1
NVD
NVD
added 3 days ago4 views

CVE-2026-13900

Inappropriate implementation in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00308EPSS
Exploits0References2
NVD
NVD
added 3 days ago5 views

CVE-2026-13896

Insufficient policy enforcement in Glic in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00242EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago21 views

CVE-2026-14066

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

0.00244EPSS
Exploits0References2
CVE
CVE
added 3 days ago8 views

CVE-2026-14065

CVE-2026-14065 affects Google Chrome prior to 150.0.7871.47. The issue is insufficient validation of untrusted input in PageInfo, which could allow a remote attacker who already compromised the renderer process to bypass navigation restrictions via a crafted HTML page. The common description acro...

6.5CVSS5.8AI score0.00319EPSS
Exploits0References2Affected Software1
CVE
CVE
added 3 days ago30 views

CVE-2026-14054

The CVE-2026-14054 entry concerns Google Chrome (Chromium base) with an issue in policy enforcement that allowed navigation restriction bypass via a crafted HTML page, affecting versions prior to 150.0.7871.47. The vulnerability is described as low severity (CVSS 4.3, MEDIUM by some scales) with ...

4.3CVSS5.8AI score0.0023EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 3 days ago3 views

CVE-2026-13962

Insufficient data validation in PDF in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.0022EPSS
Exploits0
CVE
CVE
added 3 days ago7 views

CVE-2026-13926

The CVE-2026-13926 entry concerns Google Chrome prior to 150.0.7871.47, where insufficient validation of untrusted input in the Network component allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. The primary impact is a p...

6.5CVSS5.8AI score0.00319EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder