Lucene search
K

1615 matches found

AlmaLinux
AlmaLinux
added 2026/06/23 12:0 a.m.4 views

Moderate: opencryptoki security update

The opencryptoki packages contain version 2.11 of the PKCS11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor with the PKCS11 firmware loaded, the IBM eServer Cryptographic Accelerator FC 4960 ...

6.8CVSS5.8AI score0.0016EPSS
Exploits1References4
Mageia
Mageia
added 2026/06/18 9:28 p.m.9 views

Updated opensc packages fix security vulnerabilities

CVE-2025-66038 Memory corruption via improper compact-TLV length validation CVE-2025-66215 Stack-buffer-overflow with physical access via crafted smart card or USB device CVE-2025-49010 Stack-buffer-overflow via crafted smart card or USB device responses CVE-2025-66037 Out-of-bounds read via...

6.8CVSS5.2AI score0.00282EPSS
Exploits2References3
OSV
OSV
added 2026/06/17 6:0 a.m.6 views

RLSA-2026:26352 Moderate: opencryptoki security update

The opencryptoki packages contain version 2.11 of the PKCS11 API, implemented for IBM Cryptocards, such as IBM 4764 and 4765 crypto cards. These packages includes support for the IBM 4758 Cryptographic CoProcessor with the PKCS11 firmware loaded, the IBM eServer Cryptographic Accelerator FC 4960 ...

6.8CVSS5.4AI score0.0016EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/13 5:36 p.m.16 views

EUVD-2026-36653

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability CWE-287 in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 administrator in response to any HTTP POST request that supplie...

9.8CVSS5.7AI score0.00548EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/10 2:34 p.m.8 views

CVE-2026-53693 MISP BSimVis stored cross-site scripting in tag and cluster rendering paths via unescaped tag metadata and UI labels

A stored cross-site scripting vulnerability existed in MISP BSimVis tag rendering code. Several client-side rendering paths interpolated tag names, collection names, entity identifiers, cluster names, and tag metadata directly into HTML, HTML attributes, inline JavaScript event handlers, and CSS...

6.9CVSS5.5AI score0.00277EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 11:54 a.m.26 views

CVE-2026-11764

CVE-2026-11764 describes a data exposure where exporting all reusable media includes gift card secrets, even for users without permission to view gift cards. This indicates a permission boundary bypass, since the UI/API only reveal partial (first letters) of the secret, yet the export leaks full ...

6.9CVSS5.5AI score0.00229EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 11:54 a.m.12 views

EUVD-2026-35407

When creating an export of all reusable media, the secrets of connected gift cards were included in the export even if the user creating the export does not have permission to view gift cards. This is inconsistent with the UI and API where only the first letters of the gift card secret are shown...

6.9CVSS5.5AI score0.00229EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 11:54 a.m.33 views

CVE-2026-11764 Data exposed without proper permission

When creating an export of all reusable media, the secrets of connected gift cards were included in the export even if the user creating the export does not have permission to view gift cards. This is inconsistent with the UI and API where only the first letters of the gift card secret are shown...

6.9CVSS0.00229EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.21 views

pretix 安全漏洞

Pretix is a ticketing system developed by the German company Pretix. Pretix has a security vulnerability. This vulnerability stems from including the secrets of connected gift cards during the creation of all reusable media exports. As a result, it is possible for users who create these exports t...

6.9CVSS5.4AI score0.00229EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/07 5:13 a.m.11 views

CVE-2026-11227

An incorrect security ui flaw was found in the Tab Hover Cards component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=448421954...

6.5CVSS5.4AI score0.00158EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/07 4:41 a.m.10 views

SUSE CVE-2026-11227

Incorrect security UI in Tab Hover Cards in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Low...

6.5CVSS5.5AI score0.00158EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/06/05 2:0 p.m.14 views

Chromium: CVE-2026-11227 Incorrect security UI in Tab Hover Cards

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.4AI score0.00158EPSS
Exploits0
EUVD
EUVD
added 2026/06/05 12:31 a.m.11 views

EUVD-2026-34688

Incorrect security UI in Tab Hover Cards in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Low...

5.8AI score0.00158EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-11227

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect security UI in Tab Hover Cards in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name...

6.5CVSS5.4AI score0.00158EPSS
Exploits0References2
NVD
NVD
added 2026/06/04 11:17 p.m.12 views

CVE-2026-11227

Incorrect security UI in Tab Hover Cards in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Low...

6.5CVSS0.00158EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 11:17 p.m.6 views

DEBIAN-CVE-2026-11227

Incorrect security UI in Tab Hover Cards in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Low...

6.5CVSS5.5AI score0.00158EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 11:5 p.m.6 views

CVE-2026-11227

Incorrect security UI in Tab Hover Cards in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Low...

5.8AI score0.00158EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/04 11:5 p.m.27 views

CVE-2026-11227

Summary: CVE-2026-11227 affects Google Chrome’s Tab Hover Cards UI. The vulnerability is a mismatch in the security UI that could allow a remote attacker to spoof a domain via a crafted domain name. The issue is associated with Chrome versions before 149.0.7827.53 (Chromium security severity: Low...

6.5CVSS5.8AI score0.00158EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/04 11:5 p.m.9 views

CVE-2026-11227

Incorrect security UI in Tab Hover Cards in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Low...

5.5AI score0.00158EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.36 views

CVE-2026-11227

Incorrect security UI in Tab Hover Cards in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Low...

0.00158EPSS
Exploits0References2
Rows per page
Query Builder