Lucene search
K

2407 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2026/02/02 12:0 a.m.8 views

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2026:0034-1 Rating: important References: 1257404 Cross-References: CVE-2026-1504 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now available. Description: Chromium was...

6.5CVSS7AI score0.00224EPSS
Exploits1References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/01 10:28 a.m.10 views

Malicious code in colorss (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 de8be235bf17ee738265f4a0254263fc0caeefa1f9228c9f6f122dfd7b2fac2d Package silently executes in background a remote script. During the analysis, the script was not accessible --- Category: MALICIOUS - The campaign has clearly...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/02/01 10:28 a.m.2 views

MAL-2026-619 Malicious code in colorss (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 de8be235bf17ee738265f4a0254263fc0caeefa1f9228c9f6f122dfd7b2fac2d Package silently executes in background a remote script. During the analysis, the script was not accessible --- Category: MALICIOUS - The campaign has clearly...

5.9AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/02/01 12:0 a.m.3 views

Fedora 43 : chromium (2026-ffccca9880)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ffccca9880 advisory. Update to 144.0.7559.109 CVE-2026-1504: Inappropriate implementation in Background Fetch API Tenable has extracted the preceding description block directly...

6.5CVSS5.5AI score0.00224EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2026/01/30 11:20 a.m.11 views

Chromium: CVE-2026-1504 Inappropriate implementation in Background Fetch API

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.9AI score0.00224EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/01/30 10:10 a.m.6 views

CVE-2026-25067

SmarterTools SmarterMail versions prior to build 9518 contain an unauthenticated path coercion vulnerability in the background-of-the-day preview endpoint. The application base64-decodes attacker-supplied input and uses it as a filesystem path without validation. On Windows systems, this allows U...

6.9CVSS5.9AI score0.00283EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/01/30 12:26 a.m.8 views

SUSE CVE-2026-1504

Inappropriate implementation in Background Fetch API in Google Chrome prior to 144.0.7559.110 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.9AI score0.00224EPSS
Exploits1References3
OSV
OSV
added 2026/01/29 11:22 a.m.5 views

MAL-2026-602 Malicious code in tableasets (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3144974fea7e1e56465e9ba49f98ab0457b3adf75130300002c47f415d64fbd0 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

6.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/29 10:8 a.m.9 views

Malicious code in tableautes (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 db2caf2b50286de83c99e588ab33e86d828ff3c39fd0dac1c5f3da229cdfced7 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

6.1AI score
Exploits0References3
CVE
CVE
added 2026/01/29 3:38 a.m.16 views

CVE-2026-25067

SmarterTools SmarterMail before build 9518 is affected by an unauthenticated path coercion in the background-of-the-day preview endpoint. The flaw stems from base64-decoding attacker-supplied input and using it as a filesystem path without validation, which on Windows can resolve UNC paths and tr...

6.9CVSS5.9AI score0.00283EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/01/28 7:42 a.m.8 views

MAL-2026-562 Malicious code in tabullates (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 499d47c3064299cb3d921b32ac9f22c2bab7b0b841b3de3a0cee3029625d5d26 Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

6.1AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-1504

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Background Fetch API in Google Chrome prior to 144.0.7559.110 allowed a remote attacker to leak cross-origin data via a crafted...

6.5CVSS5.9AI score0.00224EPSS
Exploits1References2
OSV
OSV
added 2026/01/27 9:16 p.m.5 views

DEBIAN-CVE-2026-1504

Inappropriate implementation in Background Fetch API in Google Chrome prior to 144.0.7559.110 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

6.5CVSS8.7AI score0.00224EPSS
Exploits1References1
NVD
NVD
added 2026/01/27 9:16 p.m.6 views

CVE-2026-1504

Inappropriate implementation in Background Fetch API in Google Chrome prior to 144.0.7559.110 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

6.5CVSS0.00224EPSS
Exploits1References2
OSV
OSV
added 2026/01/27 9:16 p.m.6 views

CVE-2026-1504

Inappropriate implementation in Background Fetch API in Google Chrome prior to 144.0.7559.110 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.8AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/27 8:46 p.m.7 views

CVE-2026-1504

Inappropriate implementation in Background Fetch API in Google Chrome prior to 144.0.7559.110 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.9AI score0.00224EPSS
Exploits1References2
CVE
CVE
added 2026/01/27 8:46 p.m.95 views

CVE-2026-1504

CVE-2026-1504 concerns the Background Fetch API in Chromium/Google Chrome, where an inappropriate implementation allowed a remote attacker to leak cross-origin data via a crafted HTML page. Affected software is Chromium/Chrome prior to 144.0.7559.110 (per the initial description). The root cause ...

6.5CVSS5.9AI score0.00224EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/01/27 8:46 p.m.4 views

EUVD-2026-4737

Inappropriate implementation in Background Fetch API in Google Chrome prior to 144.0.7559.110 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.9AI score0.00224EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/01/27 8:46 p.m.5 views

CVE-2026-1504

Inappropriate implementation in Background Fetch API in Google Chrome prior to 144.0.7559.110 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.9AI score0.00224EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/01/27 8:46 p.m.19 views

CVE-2026-1504

Inappropriate implementation in Background Fetch API in Google Chrome prior to 144.0.7559.110 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

0.00224EPSS
Exploits1References2
Rows per page
Query Builder