Lucene search
K

47725 matches found

NVD
NVD
added 2026/02/11 7:15 p.m.3 views

CVE-2026-2318

Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00225EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/11 6:8 p.m.23 views

CVE-2026-2318

Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

0.00225EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/11 6:8 p.m.6 views

CVE-2026-2318

Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.6AI score0.00225EPSS
Exploits0References2
CVE
CVE
added 2026/02/11 6:8 p.m.21 views

CVE-2026-2318

CVE-2026-2318 concerns an Inappropriate implementation in PictureInPicture in Google Chrome (Chromium) prior to version 145.0.7632.45. The issue allows a remote attacker to induce UI spoofing via a crafted HTML page after convincing a user to perform specific UI gestures. Affected software is Goo...

6.5CVSS5.6AI score0.00225EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/02/11 6:8 p.m.9 views

CVE-2026-2318

Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.2AI score0.00225EPSS
Exploits0
The Hacker News
The Hacker News
added 2026/02/11 5:45 p.m.5 views

First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials

Cybersecurity researchers have discovered what they said is the first known malicious Microsoft Outlook add-in detected in the wild. In this unusual supply chain attack detailed by Koi Security, an unknown attacker claimed the domain associated with a now-abandoned legitimate add-in to serve a fa...

6.1AI score
Exploits0
OSV
OSV
added 2026/02/11 4:53 p.m.6 views

DRUPAL-CONTRIB-2026-009

This module allows content to be edited in-place. The module doesn't sufficiently sanitize certain image-related values during the editing process leading to a persistent Cross-site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have permission to...

5.4CVSS5.5AI score0.00136EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/02/11 3:13 p.m.13 views

set-in Affected by Prototype Pollution

Summary A prototype pollution vulnerability exists in the the npm package set-in =2.0.1. Despite a previous fix that attempted to mitigate prototype pollution by checking whether user input contained a forbidden key, it is still possible to pollute Object.prototype via a crafted input using...

9.8CVSS6AI score0.00461EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2026/02/11 3:13 p.m.2 views

GHSA-2C4M-G7RX-63Q7 set-in Affected by Prototype Pollution

Summary A prototype pollution vulnerability exists in the the npm package set-in =2.0.1. Despite a previous fix that attempted to mitigate prototype pollution by checking whether user input contained a forbidden key, it is still possible to pollute Object.prototype via a crafted input using...

9.4CVSS6.1AI score0.00461EPSS
Exploits1References8
OSV
OSV
added 2026/02/11 1:15 p.m.9 views

CVE-2026-22894

A path traversal vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5...

6.5CVSS5.8AI score0.00537EPSS
Exploits0References1
NVD
NVD
added 2026/02/11 1:15 p.m.5 views

CVE-2025-66278

A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: File Station 5...

6.5CVSS0.00416EPSS
Exploits0References1
OSV
OSV
added 2026/02/11 1:15 p.m.3 views

CVE-2025-58467

A relative path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync...

6.5CVSS5.8AI score0.00416EPSS
Exploits0References1
OSV
OSV
added 2026/02/11 1:15 p.m.5 views

CVE-2025-52869

A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 2026/01/20 and...

8.1CVSS6AI score0.00398EPSS
Exploits0References1
OSV
OSV
added 2026/02/11 1:15 p.m.3 views

CVE-2025-53598

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...

6.5CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2026/02/11 1:15 p.m.7 views

CVE-2025-54146

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...

6.5CVSS0.00467EPSS
Exploits0References1
OSV
OSV
added 2026/02/11 1:15 p.m.2 views

CVE-2025-47209

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...

6.5CVSS5.8AI score0.00391EPSS
Exploits0References1
NVD
NVD
added 2026/02/11 1:15 p.m.4 views

CVE-2025-48723

A buffer overflow vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4 2026/01/20 and...

8.1CVSS0.00378EPSS
Exploits0References1
OSV
OSV
added 2026/02/11 1:15 p.m.4 views

CVE-2025-48722

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...

6.5CVSS5.8AI score0.00391EPSS
Exploits0References1
OSV
OSV
added 2026/02/11 1:15 p.m.3 views

CVE-2025-30266

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...

6.5CVSS5.8AI score0.00391EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/11 12:20 p.m.22 views

CVE-2025-30266 Qsync Central

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...

2.3CVSS0.00391EPSS
Exploits0References1
Rows per page
Query Builder