Lucene search
+L

1071 matches found

Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.10 views

CVE-2026-13794

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.2AI score0.00448EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.13 views

PT-2026-54406

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in WebAppInstalls allows a remote attacker who has compromised the renderer process to perform UI spoofing through a crafted HTML page...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54372

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 150.0.7871.47 Description An inappropriate implementation in WebAppInstalls allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.16 views

PT-2026-54149

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the WebAppInstalls component occurs when handling Web App install-related data. This trust boundary failure allows crafted file...

9.8CVSS6.2AI score0.00413EPSS
Exploits0References446
Cvelist
Cvelist
added 2026/06/26 8:32 p.m.28 views

CVE-2026-54352 Budibase: Arbitrary file read by workspace-builder via PWA-zip symlink upload

Budibase is an open-source low-code platform. Prior to 3.39.9, POST /api/pwa/process-zip at packages/server/src/api/routes/static.ts:24 accepts a builder-uploaded .zip, extracts it with [email protected] into a temp directory, then for each entry listed in icons.json validates the icon path, open...

9.6CVSS0.00494EPSS
Exploits1References1
NVD
NVD
added 2026/06/19 8:16 p.m.16 views

CVE-2026-49345

Mercator is an open source web application that enables mapping of the information system. Prior to version 2025.05.19, a Server-Side Request Forgery SSRF vulnerability exists in Mercator's CVE configuration panel /admin/config/parameters. The testProvider method in ConfigurationController passes...

5.3CVSS0.0054EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/06/12 1:11 p.m.103 views

Web-Attack-Detection-Lab

!Kali Linuxhttps://img.shields.io/badge/KaliLinux-557C94?sty...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/06/12 1:11 p.m.86 views

-Web-Attack-Detection-Lab

!Kali Linuxhttps://img.shields.io/badge/KaliLinux-557C94?sty...

5.8AI score
Exploits0
GithubExploit
GithubExploit
added 2026/06/08 10:43 a.m.84 views

OWASP_Top10_Web_Pentest

🔓 Week 04 — Web Application Penetration Testing OWASP Top 10...

5.8AI score
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/07 4:50 a.m.9 views

SUSE CVE-2026-10923

Use after free in WebAppInstalls in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. Chromium security severity: High...

8.8CVSS6AI score0.00351EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:48 a.m.12 views

SUSE CVE-2026-11008

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00308EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:43 p.m.13 views

CVE-2026-8500

Web::Passwd versions through 0.03 for Perl is vulnerable to RCE. Web::Passwd is a small CGI application for managing htpasswd files using the htpasswd command. The user parameter is not validated or escaped, and is used as the last argument on the command line, allowing for command injection...

9.8CVSS5.5AI score0.01653EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/05 12:31 a.m.10 views

EUVD-2026-34472

Inappropriate implementation in WebAppInstalls in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00225EPSS
Exploits0References3
NVD
NVD
added 2026/06/04 11:17 p.m.10 views

CVE-2026-11023

Inappropriate implementation in WebAppInstalls in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00225EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 11:17 p.m.8 views

DEBIAN-CVE-2026-11023

Inappropriate implementation in WebAppInstalls in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00225EPSS
Exploits0References1
OSV
OSV
added 2026/06/04 11:17 p.m.5 views

DEBIAN-CVE-2026-11008

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00308EPSS
Exploits0References1
OSV
OSV
added 2026/06/04 11:16 p.m.7 views

DEBIAN-CVE-2026-10923

Use after free in WebAppInstalls in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. Chromium security severity: High...

8.8CVSS6AI score0.00351EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 11:4 p.m.20 views

CVE-2026-11023

The CVE-2026-11023 issue affects Google Chrome prior to 149.0.7827.53 and is caused by an inappropriate implementation in the WebAppInstalls component. The vulnerability could allow a remote attacker who has compromised the renderer process to bypass the same-origin policy via a crafted HTML page...

6.5CVSS5.8AI score0.00225EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/04 11:4 p.m.11 views

CVE-2026-11023

Inappropriate implementation in WebAppInstalls in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00225EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/04 11:3 p.m.12 views

CVE-2026-10923

Use after free in WebAppInstalls in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. Chromium security severity: High...

6AI score0.00351EPSS
Exploits0References2
Rows per page
Query Builder