Lucene search
K

139 matches found

Debian CVE
Debian CVE
added 2026/07/02 7:37 p.m.7 views

CVE-2025-71385

Netdata before 2.3.1 reflects the user-supplied love query parameter of the api/v2/ilove.svg and api/v3/ilove.svg endpoints verbatim into the generated SVG document into a text element without HTML or XML escaping, and serves the response with Content-Type image/svg+xml. An attacker can craft a U...

6.1CVSS5.9AI score0.0024EPSS
Exploits0
EUVD
EUVD
added 2026/07/01 12:34 a.m.6 views

EUVD-2026-40704

Inappropriate implementation in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.0019EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 11:17 p.m.5 views

CVE-2026-14016

Inappropriate implementation in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.0019EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.3 views

DEBIAN-CVE-2026-14016

Inappropriate implementation in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.0019EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.25 views

CVE-2026-14013

Inappropriate implementation in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

0.0019EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-14013

Inappropriate implementation in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.0019EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:38 p.m.150 views

CVE-2026-14013

CVE-2026-14013 affects Google Chrome before version 150.0.7871.47, due to an inappropriate SVG implementation that enables UI spoofing via a crafted HTML page. The issue is documented across multiple feeds (NVD, Debian OSV, EUVD) with a Medium severity. The connected references indicate a patch/r...

4.3CVSS5.8AI score0.0019EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/23 12:13 p.m.4 views

CVE-2026-56379 ImageMagick - Command Injection via SVG Decoder

ImageMagick before 7.1.2-15 and 6.9.13-40 contains a command injection vulnerability in the SVG decoder that allows attackers to inject arbitrary MVG drawing commands. Attackers can craft malicious SVG files with injected Magick Vector Graphics commands that execute during rendering...

9.2CVSS6.1AI score0.00895EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.8 views

RHEL 10 : qt6-qtdeclarative (RHSA-2026:24987)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:24987 advisory. Qt6 - QtDeclarative component. Security Fixes: qt: Qt SVG: Arbitrary QML/JavaScript code injection via malicious SVG file CVE-2025-14576 For more...

9.3CVSS5.7AI score0.00224EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/08 11:27 p.m.11 views

CVE-2026-11688

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6AI score0.00256EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/08 11:27 p.m.9 views

CVE-2026-11688

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00256EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.17 views

PT-2026-47514

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description An inappropriate implementation in SVG allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. Recommendations Update to version 149.0.7827.10...

9.6CVSS6.5AI score0.01654EPSS
Exploits4References85
SUSE CVE
SUSE CVE
added 2026/06/07 4:43 a.m.11 views

SUSE CVE-2026-11166

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6.8CVSS5.6AI score0.00205EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/06/05 2:0 p.m.15 views

Chromium: CVE-2026-11182 Inappropriate implementation in SVG

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.4AI score0.00247EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-11166

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTM...

6.8CVSS5.6AI score0.00205EPSS
Exploits0References2
NVD
NVD
added 2026/06/04 11:17 p.m.10 views

CVE-2026-11166

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6.8CVSS0.00205EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 11:17 p.m.8 views

DEBIAN-CVE-2026-11166

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6.8CVSS5.6AI score0.00205EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 11:5 p.m.9 views

CVE-2026-11182

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00247EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.37 views

CVE-2026-11182

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

0.00247EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:5 p.m.10 views

CVE-2026-11182

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00247EPSS
Exploits0
Rows per page
Query Builder