Lucene search
K

4826 matches found

Cvelist
Cvelist
added 5 days ago36 views

CVE-2026-0278 Prisma Access Agent: Multiple DLP Policy Bypass Vulnerabilities on Windows

Multiple protection mechanism failures in the Prisma Access Agent Data Loss Prevention DLP component for Windows allow a local user to bypass DLP policy enforcement controls. The Prisma Access Agent on macOS is not affected...

8.4CVSS0.00151EPSS
Exploits0References1
CVE
CVE
added 5 days ago11 views

CVE-2026-0278

Summary: CVE-2026-0278 affects the Prisma Access Agent on Windows, where multiple protection mechanism failures in the Data Loss Prevention (DLP) component allow bypass of DLP policy enforcement. The macOS agent is not affected. Affected versions: 24.0 through 26.2. Impact: DLP controls can be ci...

8.4CVSS5.9AI score0.00151EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-15122

Insufficient validation of untrusted input in Codecs in Google Chrome on Windows prior to 150.0.7871.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.0019EPSS
Exploits0References2
Debian CVE
Debian CVE
added 6 days ago5 views

CVE-2026-15120

Use after free in Core in Google Chrome on Windows prior to 150.0.7871.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS6AI score0.00178EPSS
Exploits0
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42242

Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability...

7.8CVSS5.9AI score0.0017EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 6 days ago8 views

PT-2026-56419

Name of the Vulnerable Software and Affected Versions Omnissa Workspace ONE® Tunnel for Windows affected versions not specified Description A local privilege escalation issue exists that allows a malicious actor with local access to a device to elevate their privileges. Recommendations At the...

7.8CVSS5.9AI score0.0017EPSS
Exploits0References6
OSV
OSV
added last week5 views

PYSEC-2026-1477 Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

Impact On Windows, the shared %PROGRAMDATA% directory is searched for configuration files SYSTEMCONFIGPATH and SYSTEMJUPYTERPATH, which may allow users to create configuration files affecting other users. Only shared Windows systems with multiple users and unprotected %PROGRAMDATA% are affected...

7.3CVSS7.1AI score0.00154EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/04 12:45 a.m.5 views

CVE-2026-54424

An Incorrect Use of Privileged APIs vulnerability in Unity Parsec on Windows hosts leads to a potential Elevation of Privilege. This issue affects Parsec through v2026-05-04.0. The patched version is Parsec for Windows version 150-104a. A user can generate a situation where there is an instance o...

8.4CVSS6AI score0.00245EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/07/03 12:0 a.m.12 views

7-Zip <= 26.02 Mark-of-the-Web Bypass (CVE-2026-58052)

The version of 7-Zip installed on the remote Windows host is 26.02 or earlier. It is, therefore, affected by a vulnerability: - 7-Zip for Windows fails to preserve the Mark-of-the-Web when extracting a crafted RAR5 archive, because its guard that suppresses an archive-supplied Zone.Identifier...

4.8CVSS6.1AI score0.00119EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/02 12:0 a.m.35 views

CVE-2026-38972

Notepad3 through 6.25.822.1 contains a DLL search-order hijacking vulnerability in the About-dialog code path in src/Notepad3.c. The application calls LoadLibraryL"MSFTEDIT.DLL" with a bare DLL name, which allows a local attacker to place a malicious MSFTEDIT.DLL in the application directory or...

0.00149EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/07/01 10:21 p.m.6 views

CVE-2026-14384

Out of bounds read in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00263EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/07/01 10:21 p.m.25 views

CVE-2026-14384

Out of bounds read in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

0.00263EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/01 10:21 p.m.25 views

CVE-2026-14391

Integer overflow in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

0.00233EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 12:34 a.m.10 views

EUVD-2026-40530

Use after free in Updater in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...

5.8AI score0.00109EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-13925

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Downloads in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specifi...

7.5CVSS6.4AI score0.00354EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-14122

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

8.1CVSS0.00239EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-14010

Uninitialized Use in Codecs in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00302EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.3 views

DEBIAN-CVE-2026-14010

Uninitialized Use in Codecs in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00302EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 10:39 p.m.21 views

CVE-2026-14094

Summary (CVE-2026-14094) : A use-after-free flaw in the Chrome Windows Installer component allows a local attacker to escalate to OS-level privileges by loading a malicious file. Affected software: Google Chrome on Windows (prior to version 150.0.7871.47). Root cause: use-after-free in the Instal...

7.8CVSS5.8AI score0.00089EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.26 views

CVE-2026-14094

Use after free in Installer in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Low...

0.00089EPSS
Exploits0References2
Rows per page
Query Builder