Lucene search
K

95 matches found

CVE
CVE
added 2 days ago9 views

CVE-2026-15123

CVE-2026-15123 describes an inappropriate DOM implementation in Google Chrome, prior to 150.0.7871.115, that may allow remote heap corruption via a crafted HTML page. All connected documents confirm the issue in the Chrome DOM, with the impact labeled High and CVE-2026-15123 consistently cited ac...

8.8CVSS6AI score0.00161EPSS
Exploits0References2Affected Software1
Redos
Redos
added 2026/06/22 12:0 a.m.6 views

ROS-20260622-73-0017

The vulnerability of the DOM component in Firefox web browsers, Firefox ESR, and the Thunderbird email client is related to the use of memory after it is released. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality, integrity, and accessibility of protecte...

7.5CVSS5.8AI score0.00317EPSS
Exploits0
CVE
CVE
added 2026/06/16 11:52 a.m.29 views

CVE-2026-12299

CVE-2026-12299 is a JIT miscompilation vulnerability in the DOM: Core & HTML component that affects Firefox and Thunderbird products. The issue is fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. The CVSSv3.1 vector is CVSS:3.1/AV:N/AC:H/PR:N/...

7.5CVSS5.2AI score0.00306EPSS
Exploits0References20Affected Software2
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.10 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among...

5.4CVSS5.5AI score0.00207EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.17 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS6.1AI score0.00283EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

Adobe Experience Manager 跨站脚本漏洞

Adobe Experience Manager is a content management solution developed by Adobe Inc. in the United States. It can be used to build websites, mobile applications, and forms. This solution supports mobile content management, marketing and sales activity management, and multi-site management, among oth...

5.4CVSS6.1AI score0.00283EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/29 12:38 a.m.13 views

EUVD-2026-33158

Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6.2AI score0.00252EPSS
Exploits0References3
NVD
NVD
added 2026/05/28 11:16 p.m.10 views

CVE-2026-9897

Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00291EPSS
Exploits0References2
CVE
CVE
added 2026/05/28 10:25 p.m.35 views

CVE-2026-10016

CVE-2026-10016 is a use-after-free in the DOM of Google Chrome, fixed by the 148.0.7778.216 update. The vulnerability allows a remote attacker to execute arbitrary code inside Chrome’s sandbox via a crafted HTML page. Severity: High (CVSS v3.1 base score 8.8; Network attack vector, no privileges ...

8.8CVSS6.2AI score0.00252EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/28 10:25 p.m.39 views

CVE-2026-10016

Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

0.00252EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.20 views

TencentOS Server 3: thunderbird (TSSA-2026:0381)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0381 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

9.8CVSS6.2AI score0.04938EPSS
Exploits1References26
Vulnrichment
Vulnrichment
added 2026/05/20 7:12 p.m.8 views

CVE-2026-9126

Use after free in DOM in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

6.2AI score0.00396EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/20 7:12 p.m.9 views

CVE-2026-9126

Use after free in DOM in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00396EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.21 views

Amazon Linux 2023 : firefox (ALAS2023-2026-1652)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1652 advisory. Double-Free / Use-After-Free UAF in the IntoIter::drop and ThinVec::clear functions in the thinvec crate. A panic in ptr::dropinplace skips setting the length to zero. CVE-2026-6654...

9.8CVSS6.1AI score0.04938EPSS
Exploits2References60
Kaspersky
Kaspersky
added 2026/05/19 12:0 a.m.20 views

KLA91066 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in WebRTC can be exploite...

8.8CVSS6.6AI score0.00796EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.12 views

PT-2026-42245

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.179 Description A use after free issue in the Document Object Model DOM allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free i...

8.8CVSS6.2AI score0.00501EPSS
Exploits0References30
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.21 views

Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3290 (ALAS-2026-3290)

The version of thunderbird installed on the remote host is prior to 140.10.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3290 advisory. Double-Free / Use-After-Free UAF in the IntoIter::drop and ThinVec::clear functions in the thinvec crate. A panic i...

9.8CVSS6AI score0.04938EPSS
Exploits2References52
NVD
NVD
added 2026/05/06 7:16 p.m.8 views

CVE-2026-7907

Use after free in DOM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00267EPSS
Exploits0References2
Rows per page
Query Builder