Lucene search
K

487 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/20 7:12 p.m.10 views

CVE-2026-9115

Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00224EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/20 7:12 p.m.9 views

CVE-2026-9115

Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00224EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/20 7:12 p.m.37 views

CVE-2026-9115

Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

0.00224EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/20 7:12 p.m.11 views

EUVD-2026-31161

Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00224EPSS
Exploits0References2
CVE
CVE
added 2026/05/20 7:12 p.m.196 views

CVE-2026-9115

CVE-2026-9115 : In Google Chrome, the Service Worker policy enforcement is insufficient prior to 148.0.7778.179, permitting a remote attacker to bypass the same-origin policy via a crafted HTML page. Affected: Chrome/Chromium's Service Worker. Impact is a potential cross-origin bypass as describe...

4.3CVSS5.8AI score0.00224EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/05/20 7:12 p.m.21 views

CVE-2026-9115

Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00224EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/05/20 7:12 p.m.8 views

CVE-2026-9115

Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.5AI score0.00224EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Memory access beyond the allowed boundaries in the Service Worker API in Google Chrome prior to version 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.01059EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.25 views

Astra Linux – Vulnerability in Chromium

Before version 103.0.5060.134, using the "after free" method in the Service Worker API in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.4AI score0.17864EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Thunderbird

When an HTTPS page is embedded in an HTTP page, and a service worker is registered for the former, the service worker could intercept the request for the secure page. This occurs even though the iframe does not belong to a secure context due to the insecure framing. This vulnerability affects...

6.5CVSS7.1AI score0.01556EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Memory access beyond the allowed boundaries in the Service Worker API in Google Chrome prior to version 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.01059EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the Service Worker API in Google Chrome prior to version 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation through a crafted HTML page...

6.5CVSS6.8AI score0.00626EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.9 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.179 contained a security vulnerability. This vulnerability stemmed from insufficient execution of Service Worker policies, which could allow remote attackers to bypass the same-origin policy...

4.3CVSS5.9AI score0.00224EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2026/05/19 12:0 a.m.21 views

KLA91066 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in WebRTC can be exploite...

8.8CVSS6.6AI score0.00796EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.14 views

PT-2026-42235

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.179 Description Insufficient policy enforcement in the Service Worker allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script...

7.5CVSS5.8AI score0.00224EPSS
Exploits0References23
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2026/05/19 12:0 a.m.24 views

Stable Channel Update for Desktop

The Stable channel has been updated to 148.0.7778.178/179 for Windows/Mac and 148.0.7778.178 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept...

8.8CVSS5.9AI score0.00796EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/05/08 10:26 p.m.11 views

CVE-2026-7922

An use after free flaw was found in the ServiceWorker component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=499449324...

9.6CVSS5.7AI score0.00206EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/08 10:25 p.m.9 views

CVE-2026-7909

An inappropriate implementation flaw was found in the ServiceWorker component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497437113...

6.8CVSS5.7AI score0.00187EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/05/08 2:26 a.m.7 views

SUSE CVE-2026-7958

Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...

5.4CVSS5.9AI score0.00142EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/05/07 4:40 p.m.18 views

NPM: Cinny vulnerable to access token disclosure via invalidated emoji pack avatar URL in service worker

NPM: Cinny vulnerable to access token disclosure via invalidated emoji pack avatar URL in service worker vulnerability discovered by ? in WordPress Npm cinny versions 4.10.3...

5.8AI score0.00302EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder