Lucene search
K

824 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Use-after-free in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

8.8CVSS5.8AI score0.00419EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.12 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Sandbox escape in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

10CVSS5.8AI score0.00366EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Firefox and Thunderbird

If the browser.privatebrowsing.autostart preference is enabled, IndexedDB files are not properly deleted when the window is closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11...

4.3CVSS6.7AI score0.00488EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Before version 90.0.4430.72, using IndexedDB in Google Chrome allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape through a crafted Chrome Extension...

8.6CVSS7.7AI score0.00943EPSS
Exploits0References1
Redos
Redos
added 2026/06/10 12:0 a.m.7 views

ROS-20260610-73-0014

The vulnerability of the IndexedDB component in browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to the exposure of information. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and accessibility of protected informati...

6.5CVSS5.8AI score0.04938EPSS
Exploits1
Redos
Redos
added 2026/06/09 12:0 a.m.8 views

ROS-20260609-73-0001

The vulnerability of the IndexedDB component in browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to the exposure of information. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and accessibility of protected informati...

6.5CVSS5.5AI score0.04938EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/06/07 5:17 a.m.9 views

CVE-2026-11246

An insufficient validation of untrusted input flaw was found in the IndexedDB component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497660733...

6.8CVSS5.4AI score0.00202EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/07 4:40 a.m.8 views

SUSE CVE-2026-11246

Insufficient validation of untrusted input in IndexedDB in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.3CVSS5.5AI score0.00202EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/06/05 2:0 p.m.10 views

Chromium: CVE-2026-11246 Insufficient validation of untrusted input in IndexedDB

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

5.3CVSS5.4AI score0.00202EPSS
Exploits0
EUVD
EUVD
added 2026/06/05 12:31 a.m.9 views

EUVD-2026-34707

Insufficient validation of untrusted input in IndexedDB in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00202EPSS
Exploits0References3
NVD
NVD
added 2026/06/05 12:17 a.m.9 views

CVE-2026-11246

Insufficient validation of untrusted input in IndexedDB in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.3CVSS0.00202EPSS
Exploits0References2
OSV
OSV
added 2026/06/05 12:17 a.m.5 views

DEBIAN-CVE-2026-11246

Insufficient validation of untrusted input in IndexedDB in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.3CVSS5.5AI score0.00202EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-11246

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in IndexedDB in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer proce...

5.3CVSS5.5AI score0.00202EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:5 p.m.28 views

CVE-2026-11246

CVE-2026-11246 affects Google Chrome’s IndexedDB usage in the renderer, due to insufficient input validation. The issue allows a remote attacker who has compromised the renderer process to bypass the same-origin policy via a crafted HTML page. Affected behavior is limited to Chrome versions prior...

5.3CVSS5.8AI score0.00202EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.42 views

CVE-2026-11246

Insufficient validation of untrusted input in IndexedDB in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

0.00202EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/04 11:5 p.m.8 views

CVE-2026-11246

Insufficient validation of untrusted input in IndexedDB in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.5AI score0.00202EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:5 p.m.8 views

CVE-2026-11246

Insufficient validation of untrusted input in IndexedDB in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.3CVSS5.5AI score0.00202EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.9 views

PT-2026-46773

Insufficient validation of untrusted input in IndexedDB in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00202EPSS
Exploits0References3
OSV
OSV
added 2026/05/28 3:43 p.m.25 views

RLSA-2026:19348 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Incorrect boundary conditions in the Libraries component in NSS CVE-2026-6772 firefox: thunderbird: Use-after-free in the JavaScript Engine component CVE-2026-6754 firefox: thunderbird: Spoofing...

8.8CVSS6AI score0.04938EPSS
Exploits1References30
Rockylinux
Rockylinux
added 2026/05/28 3:43 p.m.21 views

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...

9.8CVSS6AI score0.04938EPSS
Exploits1
Rows per page
Query Builder