Lucene search
K

3942 matches found

RedhatCVE
RedhatCVE
added 2026/06/07 4:47 a.m.7 views

CVE-2026-11018

An insufficient policy enforcement flaw was found in the Actor component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497342466...

6.5CVSS5.4AI score0.0028EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/07 4:38 a.m.8 views

CVE-2026-10954

An use after free flaw was found in the Actor component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=506150628...

9.6CVSS5.4AI score0.0039EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/06 12:44 a.m.13 views

CVE-2026-47655

Exposure of sensitive information to an unauthorized actor in Microsoft Graph allows an authorized attacker to disclose information over a network...

6.5CVSS5.4AI score0.00756EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:45 p.m.10 views

CVE-2026-31909

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...

7.5CVSS5.4AI score0.00486EPSS
Exploits0References1
CVE
CVE
added 2026/06/05 7:7 p.m.69 views

CVE-2026-11401

The CVE-2026-11401 entry describes an untrusted search path vulnerability in the GlobalDatabasePlugin of the AWS Advanced Go Wrapper for Amazon Aurora PostgreSQL. A remote authenticated low-privilege actor can escalate to other Amazon RDS user privileges (including rds_superuser) via a crafted fu...

8.6CVSS5.5AI score0.00305EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/06/05 2:0 p.m.10 views

Chromium: CVE-2026-11184 Insufficient policy enforcement in Actor

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.3CVSS5.4AI score0.00158EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/05 2:0 p.m.8 views

Chromium: CVE-2026-11018 Insufficient policy enforcement in Actor

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.4AI score0.0028EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/05 2:0 p.m.8 views

Chromium: CVE-2026-10954 Use after free in Actor

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS5.4AI score0.0039EPSS
Exploits0
EUVD
EUVD
added 2026/06/05 12:31 a.m.10 views

EUVD-2026-34337

Exposure of sensitive information to an unauthorized actor in Microsoft Graph allows an authorized attacker to disclose information over a network...

6.5CVSS5.8AI score0.00756EPSS
Exploits0References2
NVD
NVD
added 2026/06/04 11:17 p.m.18 views

CVE-2026-47655

Exposure of sensitive information to an unauthorized actor in Microsoft Graph allows an authorized attacker to disclose information over a network...

6.5CVSS0.00756EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 11:5 p.m.18 views

CVE-2026-11184

CVE-2026-11184 affects Google Chrome (Chromium-backed) prior to 149.0.7827.53, where insufficient policy enforcement in the Actor component could allow a remote attacker to bypass navigation restrictions through a crafted HTML page. The vulnerability is rated Medium, with network attack vector, n...

6.3CVSS5.8AI score0.00158EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/04 11:3 p.m.31 views

CVE-2026-10954

Use after free in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

0.0039EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:3 p.m.7 views

CVE-2026-10954

Use after free in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.0039EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/04 11:3 p.m.6 views

CVE-2026-10954

Use after free in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6.2AI score0.0039EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/04 10:0 p.m.5 views

CVE-2026-47655

Exposure of sensitive information to an unauthorized actor in Microsoft Graph allows an authorized attacker to disclose information over a network...

6.5CVSS5.8AI score0.00756EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.19 views

PT-2026-46404

Name of the Vulnerable Software and Affected Versions Microsoft Graph affected versions not specified Description Exposure of sensitive information in Microsoft Graph allows an authorized attacker to disclose information over a network. Recommendations At the moment, there is no information about...

6.5CVSS5.8AI score0.00756EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution in the Actor component, which could allow remote attackers to bypass navigation restrictions...

6.5CVSS5.6AI score0.0028EPSS
Exploits0References3
Snyk
Snyk
added 2026/06/01 9:0 p.m.8 views

Malicious Package

Overview @vpmdhaj/devops-tools is a malicious package. This package contains malicious code, and its content has been removed from the official package manager. While this package typosquats well-known libraries to impersonate valid open-source ecosystems, there is no connection between those...

9.8CVSS5.7AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.9 views

Malicious Package

Overview vpmdhaj-opensearch-setup is a malicious package. This package contains malicious code, and its content has been removed from the official package manager. While this package typosquats well-known libraries to impersonate valid open-source ecosystems, there is no connection between those...

9.8CVSS5.7AI score
Exploits0References2
Snyk
Snyk
added 2026/06/01 9:0 p.m.11 views

Malicious Package

Overview app-config-utility is a malicious package. This package contains malicious code, and its content has been removed from the official package manager. While this package typosquats well-known libraries to impersonate valid open-source ecosystems, there is no connection between those...

9.8CVSS5.7AI score
Exploits0References2
Rows per page
Query Builder