Lucene search
+L

6368 matches found

Positive Technologies
Positive Technologies
added 5 days ago7 views

PT-2026-58181

Name of the Vulnerable Software and Affected Versions Windows Internal Task Bar affected versions not specified Description A use-after-free condition in the Windows Internal Task Bar allows an authorized local attacker to elevate their privileges. Use-after-free is a memory corruption issue that...

7.8CVSS6.3AI score0.00257EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/07 12:30 a.m.10 views

EUVD-2026-41972

A malicious webpage could interrupt a pending navigation by enqueuing a synchronous JavaScript dialog, causing the browser UI to display the destination origin in the address bar while continuing to render attacker-controlled content. This vulnerability was fixed in Firefox for iOS 152.3...

6AI score0.00132EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/06 11:7 p.m.39 views

CVE-2026-13356 Interrupted navigation could allow address bar origin spoofing in Firefox for iOS

A malicious webpage could interrupt a pending navigation by enqueuing a synchronous JavaScript dialog, causing the browser UI to display the destination origin in the address bar while continuing to render attacker-controlled content. This vulnerability was fixed in Firefox for iOS 152.3...

0.00132EPSS
Exploits0References2
CVE
CVE
added 2026/07/06 11:7 p.m.28 views

CVE-2026-13356

The CVE-2026-13356 issue affects Firefox for iOS and centers on a malicious webpage that interrupts a pending navigation by enqueuing a synchronous JavaScript dialog. This side effect causes the browser UI to display the destination origin in the address bar while attacker-controlled content cont...

6.3CVSS6AI score0.00132EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/07/06 11:7 p.m.9 views

CVE-2026-13356

A malicious webpage could interrupt a pending navigation by enqueuing a synchronous JavaScript dialog, causing the browser UI to display the destination origin in the address bar while continuing to render attacker-controlled content. This vulnerability was fixed in Firefox for iOS 152.3...

6.3CVSS6AI score0.00132EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/07/01 5:42 a.m.10 views

CVE-2026-55895

A flaw was found in Vim, specifically within the netrw plugin. A local user could exploit a Vimscript code injection vulnerability by attempting to delete a specially crafted local file from the browser. This crafted filename, containing a bar character, could be interpolated into an Ex command,...

8.4CVSS6.5AI score0.00154EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/01 12:34 a.m.10 views

EUVD-2026-40810

Incorrect security UI in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00179EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.10 views

EUVD-2026-40671

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS5.8AI score0.00165EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.6 views

EUVD-2026-40478

Use after free in Touchbar in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00316EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-13983

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specif...

4.2CVSS6.2AI score0.00165EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:16 p.m.3 views

DEBIAN-CVE-2026-13842

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00227EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:16 p.m.5 views

DEBIAN-CVE-2026-13792

Use after free in Touchbar in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00316EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.32 views

CVE-2026-14123

Incorrect security UI in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...

0.00179EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.8 views

CVE-2026-13792

Use after free in Touchbar in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00316EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:37 p.m.31 views

CVE-2026-13792

Use after free in Touchbar in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00316EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:37 p.m.23 views

CVE-2026-13792

CVE-2026-13792 is a use-after-free in Chrome for macOS Touch Bar prior to Chrome 150.0.7871.47 that could allow sandbox escape via a crafted HTML page. Connected sources confirm Chrome 150 includes fixes (e.g., 150.0.7871.47). Affected product: Google Chrome (macOS); vulnerable component: Touch B...

9.6CVSS5.8AI score0.00316EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.17 views

PT-2026-54403

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description An improper implementation in the browser allows a remote attacker to spoof the contents of the Omnibox the address and search bar by using a specially crafted HTML page...

9.8CVSS6AI score0.00413EPSS
Exploits0References445
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.12 views

PT-2026-54069

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue exists in the Touchbar component on Mac. This flaw allows a remote attacker to potentially achieve a sandbox escape by inducing the user to visit a specially...

9.8CVSS6.2AI score0.00413EPSS
Exploits0References448
The Hacker News
The Hacker News
added 2026/06/29 3:40 p.m.17 views

Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input

Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It routed every query and every character typed into the address bar through an attacker-controlled server before redirecting users to real results. Microsof...

5.8AI score
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/28 1:8 a.m.16 views

SUSE CVE-2026-53322

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Clean up DMABUFs before disabling function On device shutdown, make vfiopcicoreclosedevice call vfiopcidmabufcleanup before the function is disabled via vfiopcicoredisable. This ensures that all access via DMABUFs is...

8.8CVSS5.8AI score0.00182EPSS
Exploits0References3
Rows per page
Query Builder