Lucene search
K

588 matches found

OSV
OSV
added 2026/06/30 11:16 p.m.3 views

DEBIAN-CVE-2026-13790

Side-channel information leakage in Scroll in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.8AI score0.00299EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 10:37 p.m.31 views

CVE-2026-13790

Side-channel information leakage in Scroll in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

0.00299EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:37 p.m.6 views

CVE-2026-13790

Side-channel information leakage in Scroll in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00299EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/30 10:37 p.m.20 views

CVE-2026-13790

CVE-2026-13790 describes a side-channel information leakage in Chrome’s Scroll component that could allow a remote attacker to leak cross-origin data via a crafted HTML page. Affected software is Google Chrome (Chromium-based); the vulnerability is caused by information leakage in the Scroll impl...

6.5CVSS5.8AI score0.00299EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.5 views

CVE-2026-13790

Side-channel information leakage in Scroll in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.8AI score0.00299EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.8 views

PT-2026-54067

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A side-channel information leakage issue exists in the Scroll component. This flaw allows a remote attacker to leak cross-origin data, which is data belonging to a different origin than...

9.8CVSS6AI score0.00413EPSS
Exploits0References450
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Linux

The vgacon subsystem in the Linux kernel before version 5.8.10 mishandles software scrollback operations. There is an out-of-bounds read in vgaconscrolldelta, also known as CID-973c096f6a85...

5.9CVSS6.7AI score0.00519EPSS
Exploits1References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 7:39 a.m.15 views

Malicious code in tailwind-animator-scroll (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f89c3c4c01375bc7baef213c815a901ac3947eaf3835aa80ea67a725ece8d533 The package's main entry src/index.js appends, after a large whitespace gap following the legitimate-looking Tailwind plugin code, an...

6AI score
Exploits0References2
OSV
OSV
added 2026/06/11 7:39 a.m.10 views

MAL-2026-5618 Malicious code in tailwind-animator-scroll (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f89c3c4c01375bc7baef213c815a901ac3947eaf3835aa80ea67a725ece8d533 The package's main entry src/index.js appends, after a large whitespace gap following the legitimate-looking Tailwind plugin code, an...

6AI score
Exploits0References2
Patchstack
Patchstack
added 2026/05/29 1:23 p.m.15 views

WordPress WooCommerce Infinite Scroll and Ajax Pagination plugin <= 1.8 - Authenticated (Subscriber+) PHP Object Injection vulnerability

Authenticated Subscriber+ PHP Object Injection vulnerability discovered by cuokon in WordPress Plugin WooCommerce Infinite Scroll versions = 1.8...

8.8CVSS5.8AI score0.00378EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/05/29 7:16 a.m.20 views

CVE-2025-11993

The WooCommerce Infinite Scroll and Ajax Pagination plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.8 via the 'settings' parameter in the 'importsettings' function. This is due to deserialization of untrusted data supplied via the import...

8.8CVSS0.00378EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/29 5:32 a.m.18 views

EUVD-2025-209981

The WooCommerce Infinite Scroll and Ajax Pagination plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.8 via the 'settings' parameter in the 'importsettings' function. This is due to deserialization of untrusted data supplied via the import...

8.8CVSS6AI score0.00378EPSS
Exploits0References2
CVE
CVE
added 2026/05/29 5:32 a.m.33 views

CVE-2025-11993

CVE-2025-11993 affects the WordPress plugin “WooCommerce Infinite Scroll and Ajax Pagination” (versions up to 1.8). The issue is a PHP Object Injection via the import_settings function’s settings parameter, caused by deserializing untrusted data without capability checks. An authenticated attacke...

8.8CVSS6AI score0.00378EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/29 5:32 a.m.45 views

CVE-2025-11993 WooCommerce Infinite Scroll and Ajax Pagination <= 1.8 - Authenticated (Subscriber+) PHP Object Injection

The WooCommerce Infinite Scroll and Ajax Pagination plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.8 via the 'settings' parameter in the 'importsettings' function. This is due to deserialization of untrusted data supplied via the import...

8.8CVSS0.00378EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

WordPress plugin WooCommerce Infinite Scroll and Ajax Pagination 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

8.8CVSS6AI score0.00378EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.16 views

PT-2026-44749

Name of the Vulnerable Software and Affected Versions WooCommerce Infinite Scroll and Ajax Pagination versions prior to 1.9 Description The plugin is subject to PHP Object Injection, a condition where untrusted data is deserialized, allowing an attacker to manipulate the application's logic. The...

8.8CVSS6.2AI score0.00378EPSS
Exploits0References8
Snyk
Snyk
added 2026/05/28 1:39 p.m.12 views

Malicious Package

Overview @databus-service-ui/scroll-up-content is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization...

9.8CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2026/05/27 7:16 a.m.18 views

CVE-2026-8703

The Endless Scroll plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access a...

6.4CVSS0.00187EPSS
Exploits0References3
CVE
CVE
added 2026/05/27 5:31 a.m.29 views

CVE-2026-8703

The CVE-2026-8703 entry concerns the WordPress Endless Scroll plugin (versions up to and including 1.0.0). It describes a Stored Cross‑Site Scripting flaw caused by insufficient input sanitization and output escaping in Shortcode Attributes. The impact stated is that authenticated attackers with ...

6.4CVSS6AI score0.00187EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/27 5:31 a.m.11 views

CVE-2026-8703 Endless Scroll <= 1.0.0 - [Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')]

The Endless Scroll plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access a...

6.4CVSS6AI score0.00187EPSS
Exploits0References3
Rows per page
Query Builder