3942 matches found
CVE-2026-11018
An insufficient policy enforcement flaw was found in the Actor component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497342466...
CVE-2026-10954
An use after free flaw was found in the Actor component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=506150628...
CVE-2026-47655
Exposure of sensitive information to an unauthorized actor in Microsoft Graph allows an authorized attacker to disclose information over a network...
CVE-2026-31909
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...
CVE-2026-11401
The CVE-2026-11401 entry describes an untrusted search path vulnerability in the GlobalDatabasePlugin of the AWS Advanced Go Wrapper for Amazon Aurora PostgreSQL. A remote authenticated low-privilege actor can escalate to other Amazon RDS user privileges (including rds_superuser) via a crafted fu...
Chromium: CVE-2026-11184 Insufficient policy enforcement in Actor
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-11018 Insufficient policy enforcement in Actor
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-10954 Use after free in Actor
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
EUVD-2026-34337
Exposure of sensitive information to an unauthorized actor in Microsoft Graph allows an authorized attacker to disclose information over a network...
CVE-2026-47655
Exposure of sensitive information to an unauthorized actor in Microsoft Graph allows an authorized attacker to disclose information over a network...
CVE-2026-11184
CVE-2026-11184 affects Google Chrome (Chromium-backed) prior to 149.0.7827.53, where insufficient policy enforcement in the Actor component could allow a remote attacker to bypass navigation restrictions through a crafted HTML page. The vulnerability is rated Medium, with network attack vector, n...
CVE-2026-10954
Use after free in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-10954
Use after free in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-10954
Use after free in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-47655
Exposure of sensitive information to an unauthorized actor in Microsoft Graph allows an authorized attacker to disclose information over a network...
PT-2026-46404
Name of the Vulnerable Software and Affected Versions Microsoft Graph affected versions not specified Description Exposure of sensitive information in Microsoft Graph allows an authorized attacker to disclose information over a network. Recommendations At the moment, there is no information about...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution in the Actor component, which could allow remote attackers to bypass navigation restrictions...
Malicious Package
Overview @vpmdhaj/devops-tools is a malicious package. This package contains malicious code, and its content has been removed from the official package manager. While this package typosquats well-known libraries to impersonate valid open-source ecosystems, there is no connection between those...
Malicious Package
Overview vpmdhaj-opensearch-setup is a malicious package. This package contains malicious code, and its content has been removed from the official package manager. While this package typosquats well-known libraries to impersonate valid open-source ecosystems, there is no connection between those...
Malicious Package
Overview app-config-utility is a malicious package. This package contains malicious code, and its content has been removed from the official package manager. While this package typosquats well-known libraries to impersonate valid open-source ecosystems, there is no connection between those...