Lucene search
+L

3380 matches found

CVE
CVE
added 2 days ago12 views

CVE-2026-8919

CVE-2026-8919 affects ASUS GameSDK. A permissive cross-domain policy with untrusted domains could let a remote user induce a local UNC request to the application’s local service endpoint, exposing a local NTLM hash and enabling information disclosure, data tampering, or service disruption. The is...

7.2CVSS6.1AI score0.00264EPSS
Exploits0References1
NVD
NVD
added 3 days ago5 views

CVE-2026-15775

Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6.5CVSS0.00208EPSS
Exploits0References2
OSV
OSV
added 3 days ago4 views

DEBIAN-CVE-2026-15771

Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS6.1AI score0.00274EPSS
Exploits0References1
NVD
NVD
added 3 days ago4 views

CVE-2026-48254

Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...

5.4CVSS0.00271EPSS
Exploits0References1
NVD
NVD
added 3 days ago4 views

CVE-2026-48253

Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...

5.4CVSS0.00271EPSS
Exploits0References1
NVD
NVD
added 3 days ago4 views

CVE-2026-48261

Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...

5.4CVSS0.00271EPSS
Exploits0References1
NVD
NVD
added 3 days ago4 views

CVE-2026-48260

Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...

5.4CVSS0.00271EPSS
Exploits0References1
CVE
CVE
added 3 days ago9 views

CVE-2026-15777

CVE-2026-15777 – Use-after-free in the Chrome UI on Linux prior to 150.0.7871.125 can allow a remote attacker to induce heap corruption by tricking a user into performing specific UI gestures on a crafted HTML page. Affected product: Google Chrome (Linux UI subsystem). Root cause: use-after-free ...

7.5CVSS6.1AI score0.0026EPSS
Exploits0References2Affected Software1
CVE
CVE
added 3 days ago9 views

CVE-2026-15778

CVE-2026-15778 affects Google Chrome navigation logic prior to version 150.0.7871.125, due to insufficient validation of untrusted input in Navigation. An attacker who compromises the renderer could bypass navigation restrictions via a crafted HTML page. The issue is addressed in Chrome 150.0.787...

6.5CVSS6.1AI score0.00263EPSS
Exploits0References2Affected Software1
CVE
CVE
added 3 days ago7 views

CVE-2026-15770

CVE-2026-15770 affects Google Chrome (V8) prior to 150.0.7871.125. The issue is an uninitialized use in V8 that can allow a remote attacker to read potentially sensitive data from process memory via a crafted HTML page. Impact is confined to information disclosure; no exploit details or in-the-wi...

6.5CVSS6.1AI score0.00315EPSS
Exploits0References2Affected Software1
CVE
CVE
added 3 days ago7 views

CVE-2026-48260

Adobe Experience Manager is affected by a DOM-based XSS vulnerability (CVE-2026-48260). The issue allows an attacker to manipulate the DOM to execute malicious JavaScript in the victim’s browser. Exploitation requires user interaction (victim visits a crafted page). CVSS v3.1: AV:N/AC:L/PR:L/UI:R...

5.4CVSS6.1AI score0.00271EPSS
Exploits0References1
CVE
CVE
added 3 days ago8 views

CVE-2026-48254

Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-48254.

5.4CVSS6.1AI score0.00271EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 3 days ago4 views

CVE-2026-48254 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...

5.4CVSS6.1AI score0.00271EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 3 days ago7 views

PT-2026-58737

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.125 Description A use after free issue in Skia allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape. This is achieved by using a crafted HTML page...

8.3CVSS6.1AI score0.00221EPSS
Exploits0References4
EUVD
EUVD
added 2026/07/09 12:31 a.m.9 views

EUVD-2026-42458

Insufficient policy enforcement in Navigation in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00172EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/09 12:31 a.m.9 views

EUVD-2026-42456

Inappropriate implementation in WebGL in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

6.1AI score0.00139EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/09 12:31 a.m.9 views

EUVD-2026-42455

Use after free in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6.3AI score0.00242EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/09 12:31 a.m.9 views

EUVD-2026-42479

Use after free in InterestGroups in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6.3AI score0.00247EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/09 12:31 a.m.10 views

EUVD-2026-42486

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.115 allowed a local attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6AI score0.00089EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/09 12:31 a.m.12 views

EUVD-2026-42448

Race in GetUserMedia in Google Chrome prior to 150.0.7871.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

6AI score0.00147EPSS
Exploits0References3
Rows per page
Query Builder