Lucene search
K

8 matches found

EUVD
EUVD
added 2026/05/12 9:31 p.m.9 views

EUVD-2026-29771

CAI Content Credentials versions 0.78.2, 0.7.0 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitatio...

6.2CVSS5.8AI score0.00193EPSS
Exploits0References2
Kaspersky
Kaspersky
added 2026/03/23 12:0 a.m.7 views

KLA90950 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in Base can be exploited to...

8.8CVSS6.6AI score0.00415EPSS
Exploits1References23
SUSE CVE
SUSE CVE
added 2026/03/22 12:25 a.m.4 views

SUSE CVE-2026-4456

Use after free in Digital Credentials API in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.9AI score0.00253EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/20 8:35 a.m.4 views

CVE-2026-4456

An use after free flaw was found in the Digital Credentials API component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=488617440...

9CVSS5.7AI score0.00253EPSS
Exploits0References5
OSV
OSV
added 2026/03/20 2:16 a.m.2 views

DEBIAN-CVE-2026-4456

Use after free in Digital Credentials API in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.4AI score0.00253EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/01/20 4:14 a.m.3 views

CVE-2026-0904

Incorrect security UI in Digital Credentials in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS5.3AI score0.00168EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/07/22 12:38 p.m.6 views

openstack-keystone: Credentials endpoint policy logic allows changing credential owner and target project ID

A vulnerability was found in Keystone's EC2 credentials API. This flaw allows any authenticated user to create an EC2 credential for themselves for a project that they have a specified role, and then perform an update to the credential user and project, allowing them to masquerade as another user...

8.8CVSS7.1AI score0.04918EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/07/22 12:38 p.m.3 views

openstack-keystone: EC2 and credential endpoints are not protected from a scoped context

A vulnerability was found in Keystone's EC2 credentials API. This flaw allows any user authenticated within a limited scope trust/OAuth/application credential to create an EC2 credential with escalated permissions, for example, obtaining an "admin" role, while the user is on a limited "viewer" ro...

8.8CVSS5.8AI score0.01562EPSS
Exploits0References5
Rows per page
Query Builder