Lucene search
K

3455 matches found

CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a vulnerability related to input validation, which stems from Skia’s insufficient validation of untrusted inputs...

3.1CVSS5.3AI score0.002EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.9 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a vulnerability related to input validation, which stems from insufficient validation of untrusted inputs...

5.4CVSS5.3AI score0.00214EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a vulnerability related to input validation, which stems from insufficient validation of untrusted inputs...

6.5CVSS5.3AI score0.00225EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a vulnerability related to input validation, which stems from insufficient validation of untrusted inputs...

6.5CVSS5.3AI score0.00225EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a vulnerability related to input validation, which stems from Dawn’s insufficient validation of unreliable inputs...

8.3CVSS5.3AI score0.0023EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.12 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a vulnerability related to input validation, which stems from insufficient validation of untrusted inputs...

8.3CVSS5.3AI score0.00258EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a vulnerability related to input validation, which stems from insufficient validation of untrusted inputs...

9.6CVSS5.3AI score0.00252EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. in the United States. Google Chrome has a vulnerability related to input validation, which stems from Passwords’ insufficient validation for untrusted inputs...

8.1CVSS5.3AI score0.00218EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.7 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a vulnerability related to input validation, which stems from Dawn’s insufficient validation of unreliable inputs...

3.1CVSS5.3AI score0.00171EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/06 6:43 p.m.12 views

CVE-2026-49492

Markdown Preview Enhanced before 0.8.28 opens external files and links from the preview through a shell and does not validate untrusted inputs taken from the markdown document - the diagram filename attribute, imported file paths, and the latexengine code-chunk attribute. On Windows, a crafted...

8.8CVSS5.7AI score0.0034EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/06/06 12:0 a.m.6 views

Hiding in Plain Floats: Steganographic Carriers for Indirect Prompt and Content Injection

Text-centered prompt-injection defenses assume that the malicious signal is visible in one of the inspected text views. We study a reproducible LLM01-style indirect prompt/content-injection failure mode where that assumption breaks: a payload caught in plain English slips past the same detector...

5.5AI score
Exploits0
OSV
OSV
added 2026/06/05 11:16 p.m.9 views

PYSEC-2026-215

Internationalized Domain Names in Applications IDNA for Python provides support for Internationalized Domain Names in Applications IDNA and Unicode IDNA Compatibility Processing. In versions prior to 3.15, payloads such as "\u0660" N or "\u30fb" N + "\u6f22" utilize the validcontexto function pri...

5.3CVSS6.1AI score0.00408EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/05 10:6 p.m.33 views

CVE-2026-45409 Internationalized Domain Names in Applications (IDNA): Specially crafted inputs to idna.encode() can bypass CVE-2024-3651 fix

Internationalized Domain Names in Applications IDNA for Python provides support for Internationalized Domain Names in Applications IDNA and Unicode IDNA Compatibility Processing. In versions prior to 3.15, payloads such as "\u0660" N or "\u30fb" N + "\u6f22" utilize the validcontexto function pri...

6.9CVSS0.00408EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/05 10:6 p.m.9 views

CVE-2026-45409

Internationalized Domain Names in Applications IDNA for Python provides support for Internationalized Domain Names in Applications IDNA and Unicode IDNA Compatibility Processing. In versions prior to 3.15, payloads such as "\u0660" N or "\u30fb" N + "\u6f22" utilize the validcontexto function pri...

7.5CVSS6.6AI score0.01386EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.8 views

CVE-2026-42499

Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322...

7.5CVSS5.4AI score0.00768EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:36 p.m.7 views

CVE-2026-41178

OpenTelemetry-Go is the Go implementation of OpenTelemetry. Versions 1.41.0 and 1.43.0 removed raw-length rejection and it causes Parse to process arbitrarily large/invalid baggage headers and log errors, enabling DoS via oversized inputs. Versions 1.42.0 and 1.44.0 fix the issue...

5.3CVSS5.4AI score0.00237EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/05 7:34 p.m.12 views

EUVD-2026-34911

An administrative cross-site scripting XSS vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processin...

5.8CVSS5.2AI score0.00154EPSS
Exploits0References1
CVE
CVE
added 2026/06/05 7:34 p.m.23 views

CVE-2026-25624

CVE-2026-25624 is an administrative cross-site scripting vulnerability in the web UI dashboard layout of Arista Edge Threat Management NGFW. The issue involves unvalidated user-supplied variables echoed back to administrative profiles, enabling XSS when an attacker has administrative UI access. A...

5.8CVSS5.2AI score0.00154EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/05 7:34 p.m.10 views

CVE-2026-25624 Arista Edge Threat Management NGFW UI Administrative Cross-Site Scripting

An administrative cross-site scripting XSS vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processin...

5.8CVSS5.2AI score0.00154EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/05 7:34 p.m.27 views

CVE-2026-25624 Arista Edge Threat Management NGFW UI Administrative Cross-Site Scripting

An administrative cross-site scripting XSS vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processin...

5.8CVSS0.00154EPSS
Exploits0References1
Rows per page
Query Builder