Lucene search
K

972 matches found

OSV
OSV
added 2026/06/04 11:17 p.m.6 views

DEBIAN-CVE-2026-10992

Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00308EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 11:4 p.m.7 views

CVE-2026-10992

Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00308EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:4 p.m.26 views

CVE-2026-10992

CVE-2026-10992 affects Google Chrome (Chromium-based) prior to 149.0.7827.53, where insufficient data validation in the Animation component may allow a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. The vulnerability is linked to the Chrom...

6.5CVSS5.8AI score0.00308EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/04 11:4 p.m.36 views

CVE-2026-10992

Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

0.00308EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:4 p.m.11 views

CVE-2026-10992

Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00308EPSS
Exploits0
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.11 views

SAMSUNG rLottie 安全漏洞

SAMSUNG rLottie is a platform-independent C++ library developed by Samsung Electronics of South Korea. It is used for real-time rendering of vector-based animations and art. A previous version of SAMSUNG rLottie had a security vulnerability caused by a stack-based buffer overflow, which could lea...

6.1CVSS5.8AI score0.00105EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.11 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability. This vulnerability stemmed from insufficient data validation in the Animation component, which could allow remote attackers to obtain sensitive information...

6.5CVSS5.4AI score0.00308EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.13 views

PT-2026-46521

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient data validation in the Animation component allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page...

9.6CVSS5.8AI score0.00493EPSS
Exploits0References437
NVD
NVD
added 2026/06/01 10:16 p.m.11 views

CVE-2026-0036

In startAnimation of StageCoordinator.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00072EPSS
Exploits0References1
OSV
OSV
added 2026/06/01 6:15 a.m.3 views

CVE-2026-10231 Assimp Half-Life 1 MDL Loader HL1MDLLoader.cpp extract_anim_value heap-based overflow

A security flaw has been discovered in Assimp up to 6.0.4. Affected is the function HL1MDLLoader::extractanimvalue of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Performing a manipulation of the argument num.total results in heap-based buffer overflow. The attack must be...

4.8CVSS6.3AI score0.00124EPSS
Exploits0References9
OSV
OSV
added 2026/05/29 10:3 p.m.13 views

MAL-2026-5083 Malicious code in tailwindcss-basic-animation (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa0cc72271b87587b2d58ff45625dfa9df9f8e4547b68096d359757e68b8946f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
Snyk
Snyk
added 2026/05/29 10:3 p.m.16 views

Malicious Package

Overview tailwindcss-basic-animation is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/29 10:3 p.m.52 views

Malicious code in tailwindcss-basic-animation (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa0cc72271b87587b2d58ff45625dfa9df9f8e4547b68096d359757e68b8946f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
NVD
NVD
added 2026/05/27 7:16 a.m.24 views

CVE-2026-8872

The Animate Your Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'animation-set' shortcode in versions up to, and including, 1.0.0. This is due to insufficient input sanitization and output escaping on user supplied attributes in the...

6.4CVSS0.00193EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/27 5:31 a.m.11 views

CVE-2026-8872

The Animate Your Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'animation-set' shortcode in versions up to, and including, 1.0.0. This is due to insufficient input sanitization and output escaping on user supplied attributes in the...

6AI score0.00193EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/27 5:31 a.m.35 views

CVE-2026-8872 Animate Your Content <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Animate Your Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'animation-set' shortcode in versions up to, and including, 1.0.0. This is due to insufficient input sanitization and output escaping on user supplied attributes in the...

6.4CVSS0.00193EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.17 views

PT-2026-43520

The Animate Your Content plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'animation-set' shortcode in versions up to, and including, 1.0.0. This is due to insufficient input sanitization and output escaping on user supplied attributes in the shortcode args to ht...

6.4CVSS6AI score0.00193EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.14 views

WordPress plugin Animate Your Content 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.8AI score0.00193EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/05/26 3:52 p.m.18 views

WordPress Animation Addons for Elementor – GSAP Motion Elementor Addons & Website Templates plugin <= 2.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Animation Addons for Elementor versions = 2.6.3...

5.8AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/05/26 3:52 p.m.9 views

WordPress Animation Addons for Elementor – GSAP Motion Elementor Addons & Website Templates plugin <= 2.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Animation Addons for Elementor versions = 2.6.3...

5.8AI score
Exploits0References1Affected Software1
Rows per page
Query Builder