Lucene search
K

705 matches found

Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.11 views

Chromium: CVE-2026-11145 Race in Geolocation

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

5.3CVSS5.4AI score0.00164EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/07 5:3 a.m.13 views

CVE-2026-11145

A race flaw was found in the Geolocation component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=501683745...

6.1CVSS5.4AI score0.00164EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/07 4:43 a.m.10 views

SUSE CVE-2026-11145

Race in Geolocation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.5AI score0.00164EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/05 12:31 a.m.12 views

EUVD-2026-34606

Race in Geolocation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00164EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-11145

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race in Geolocation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium...

5.3CVSS5.5AI score0.00164EPSS
Exploits0References2
NVD
NVD
added 2026/06/04 11:17 p.m.8 views

CVE-2026-11145

Race in Geolocation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS0.00164EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 11:17 p.m.7 views

DEBIAN-CVE-2026-11145

Race in Geolocation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.5AI score0.00164EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.35 views

CVE-2026-11145

Race in Geolocation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

0.00164EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/04 11:5 p.m.9 views

CVE-2026-11145

Race in Geolocation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00164EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:5 p.m.53 views

CVE-2026-11145

Consolidated details show a vulnerability in Google Chrome for Android (affected component: Geolocation) due to a race condition, allowing a remote attacker to leak cross-origin data via a crafted HTML page. Impact is described as Confidentiality HIGH with no integrity/availability impact, CVSS b...

5.3CVSS5.8AI score0.00164EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/04 11:5 p.m.9 views

CVE-2026-11145

Race in Geolocation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.5AI score0.00164EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.14 views

PT-2026-46672

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A race condition in the Geolocation feature allows a remote attacker to leak cross-origin data, which is data from a different origin than the one that initiated the request,...

9.6CVSS5.9AI score0.00493EPSS
Exploits0References437
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.6 views

Google Chrome 竞争条件问题漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a vulnerability related to competition conditions in geolocation functions. This vulnerability could allow remote attackers to exploit cross-source data through specially crafted HTM...

5.3CVSS5.4AI score0.00164EPSS
Exploits0References3
Fedora
Fedora
added 2026/06/01 1:1 a.m.33 views

[SECURITY] Fedora 43 Update: suricata-7.0.16-1.fc43

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

5.8AI score
Exploits0
EUVD
EUVD
added 2026/05/30 9:28 a.m.14 views

EUVD-2026-33453

The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlatlng' and 'nelatlng' parameters in all versions up to, and including, 4.5.5 The parameters are read from $SERVER'QUERYSTRING' via parsestr bypassing WordPress's wpmagicquotes protection, which only covers...

7.5CVSS5.8AI score0.00344EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/30 12:0 a.m.17 views

PT-2026-45090

Name of the Vulnerable Software and Affected Versions GEO my WP versions prior to 4.5.6 Description The plugin is subject to SQL Injection, allowing unauthenticated attackers to append additional SQL queries to extract sensitive information from the database. The issue occurs because the swlatlng...

7.5CVSS5.6AI score0.00344EPSS
Exploits0References14
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox

When sharing geolocation during an active WebRTC share, Firefox may reset the WebRTC sharing state in the user interface, resulting in a loss of control over the currently granted permissions. This vulnerability affects Firefox versions earlier than 85...

4.3CVSS5.5AI score0.00657EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2026/05/19 3:56 p.m.13 views

Biometrics, diagnoses, and bank details exposed in major healthcare breach

NYC Health + Hospitals NYC H+H posted a data breach notice about a months‑long breach via a third‑party vendor that exposed highly sensitive patient and employee data for at least 1.8 million people, including medical records, government IDs, geolocation data, and even fingerprint and palm‑print...

5.7AI score
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/18 9:51 p.m.9 views

CVE-2026-27892 FacturaScripts: Unstripped Image Metadata (EXIF) Leakage via Library Module File Upload/Download

FacturaScripts is an open source accounting and invoicing software. In versions prior to 2026, the Library module stores and serves uploaded images byte-for-byte, without stripping EXIF/XMP/IPTC metadata. Any authenticated user who downloaded an image could extract the uploader's embedded metadat...

6.5CVSS5.7AI score0.00227EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/14 2:7 p.m.185 views

FortiGate-FortiWeb-Multi-Exploit-Extractor

FortiGate-FortiWeb-Multi-Exploit-Extractor markdown Fort...

9.8CVSS7.3AI score0.99999EPSS
Exploits61
Rows per page
Query Builder