Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 4 days ago8 views

CVE-2026-8827

The AddressRepository::getSqlQuery method constructs a database query without properly sanitizing user input, leading to SQL Injection. The method is not invoked anywhere within the extension itself and therefore poses no direct risk in a default installation. However, custom extensions that call...

8.2CVSS5.5AI score0.0004EPSS
Exploits0References1
The Hacker News
The Hacker Newsadded 2026/04/10 11:0 a.m.5 views

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About

While much of the discussion on AI security centers around protecting ‘shadow’ AI and GenAI consumption, there's a wide-open window nobody's guarding: AI browser extensions. A new report from LayerX exposes just how deep this blind spot goes, and why AI extensions may be the most dangerous AI...

6.1AI score
Exploits0
CNNVD
CNNVDadded 2026/04/07 12:0 a.m.4 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 147.0.7727.55 contained a security vulnerability. This vulnerability stemmed from insufficient execution of DevTools policies, which could allow attackers to bypass corporate host...

6.5CVSS7.4AI score0.00022EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2025/12/03 12:0 a.m.4 views

Fedora 42 : cef (2025-58193e3850)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-58193e3850 advisory. Update to 142.0.7444.162 High CVE-2025-12725: Out of bounds write in WebGPU High CVE-2025-12726: Inappropriate implementation in Views High...

8.8CVSS6.9AI score0.00127EPSS
Exploits2References26
The Hacker News
The Hacker Newsadded 2025/04/15 1:25 p.m.20 views

Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds

Everybody knows browser extensions are embedded into nearly every user's daily workflow, from spell checkers to GenAI tools. What most IT and security people don't know is that browser extensions' excessive permissions are a growing risk to organizations. LayerX today announced the release of the...

6.8AI score
Exploits0
OSV
OSVadded 2024/10/24 9:15 p.m.0 views

UBUNTU-CVE-2024-47882

OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the built-in "Something went wrong!" error page includes the exception message and exception traceback without escaping HTML tags, enabling injection into the page if an attacker can reliably produce an...

6.1CVSS5.7AI score0.00199EPSS
Exploits1References5
OSV
OSVadded 2023/06/02 5:15 p.m.2 views

DEBIAN-CVE-2023-25729

Permission prompts for opening external schemes were only shown for ContentPrincipals resulting in extensions being able to open them without user interaction via ExpandedPrincipals. This could lead to further malicious actions such as downloading files or interacting with software already...

8.8CVSS7.9AI score0.00124EPSS
Exploits0References1
RedHat Linux
RedHat Linuxadded 2023/02/20 8:30 a.m.2 views

Mozilla: Extensions could have opened external schemes without user knowledge

The Mozilla Foundation Security Advisory describes this flaw as: Permission prompts for opening external schemes were only shown for ContentPrincipals resulting in extensions being able to open them without user interaction via ExpandedPrincipals. This could lead to further malicious actions such...

8.8CVSS7.3AI score0.00124EPSS
Exploits0References6
Rows per page
Query Builder