Lucene search
K

7 matches found

NVD
NVD
added yesterday3 views

CVE-2026-15768

Insufficient policy enforcement in HTML-in-Canvas in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6.5CVSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40526

Insufficient policy enforcement in Canvas in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00233EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 11:16 p.m.6 views

CVE-2026-13840

Insufficient policy enforcement in Canvas in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

6.5CVSS0.00233EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:37 p.m.25 views

CVE-2026-13840

CVE-2026-13840 concerns Google Chrome/Chromium where insufficient policy enforcement in Canvas allows a remote attacker to leak cross-origin data via a crafted HTML page. Affected product: Google Chrome (Chromium-based) prior to version 150.0.7871.47. Root cause: policy enforcement weakness in Ca...

6.5CVSS5.8AI score0.00233EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54117

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in Canvas allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Recommendations Update Google Chrome to version...

9.6CVSS6AI score0.00413EPSS
Exploits0References449
Tenable Nessus
Tenable Nessus
added 2025/09/16 12:0 a.m.6 views

Amazon Linux 2 : thunderbird, --advisory ALAS2-2025-2999 (ALAS-2025-2999)

The version of thunderbird installed on the remote host is prior to 140.2.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2999 advisory. Improper Input Validation vulnerability in Mozilla neqo leads to an unexploitable crash..This issue affects neqo: fr...

9.8CVSS8AI score0.0053EPSS
Exploits0References12
OSV
OSV
added 2025/09/05 6:30 p.m.6 views

MGASA-2025-0228 Updated thunderbird packages fix vulnerabilities

Use-after-free in FontFaceSet. CVE-2025-6424 The WebCompat WebExtension shipped exposed a persistent UUID. CVE-2025-6425 Incorrect parsing of URLs could have allowed embedding of youtube.com. CVE-2025-6429 Content-Disposition header ignored when a file is included in an embed or object tag...

9.8CVSS7.8AI score0.03123EPSS
Exploits0References8
Rows per page
Query Builder