Lucene search
K

7011 matches found

RedHat Linux
RedHat Linux
added 14 hours ago4 views

firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...

9.1CVSS5.9AI score0.00189EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 14 hours ago4 views

firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...

9.1CVSS5.9AI score0.00189EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 14 hours ago4 views

firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...

9.1CVSS5.9AI score0.00189EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 14 hours ago3 views

firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...

9.1CVSS5.9AI score0.00189EPSS
Exploits0References6
CVE
CVE
added 4 days ago18 views

CVE-2026-10054

The CVE-2026-10054 entry concerns Eclipse Theia (1.8.1 and later) where the browser backend exposes privileged terminal RPC over WebSocket (/services/shell-terminal, /services/terminals/:id) without proper service-level authentication. The vulnerability stems from fail-open WebSocket origin valid...

8.8CVSS6.2AI score0.00159EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 4 days ago7 views

CVE-2026-10054

In affected versions of Eclipse Theia 1.8.1 and later, the browser backend exposes privileged terminal RPC over WebSocket /services/shell-terminal, /services/terminals/:id without service-level authentication. WebSocket origin validation in @theia/core is fail-open: connections are accepted when...

8.8CVSS6.2AI score0.00159EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-40843

Insufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.002EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago9 views

EUVD-2026-40792

Insufficient policy enforcement in Speech in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00167EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-40766

Insufficient policy enforcement in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00181EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-40726

Insufficient policy enforcement in GetUserMedia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00155EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-40733

Inappropriate implementation in CustomTabs in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00181EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-40744

Inappropriate implementation in FedCM in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00181EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago8 views

EUVD-2026-40711

Insufficient validation of untrusted input in SanitizerAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00319EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-40647

Insufficient validation of untrusted input in Blink in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00238EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-40607

Insufficient validation of untrusted input in DeviceBoundSessionCredentials in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00319EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-40567

Inappropriate implementation in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00211EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-40524

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00218EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-40525

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00218EPSS
Exploits0References3
EUVD
EUVD
added 6 days ago10 views

EUVD-2026-40508

Inappropriate implementation in Extensions in Google Chrome on Android prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. Chromium security severity: High...

5.8AI score0.00142EPSS
Exploits0References3
OSV
OSV
added last week3 views

DEBIAN-CVE-2026-14156

Insufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.8AI score0.002EPSS
Exploits0References1
Rows per page
Query Builder