Lucene search
K

213 matches found

EUVD
EUVD
added 2026/07/01 12:34 a.m.9 views

EUVD-2026-40618

Inappropriate implementation in Sharing in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00288EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 11:17 p.m.7 views

CVE-2026-13944

Inappropriate implementation in DataTransfer in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

3.1CVSS0.00174EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:38 p.m.20 views

CVE-2026-13892

CVE-2026-13892 concerns Chrome for iOS before version 150.0.7871.47, where an inappropriate implementation allowed a remote attacker who lured a user into specific UI gestures to leak cross-origin data via a crafted HTML page. The issue affects Chrome on iOS (Chromium-based) and has a Medium seve...

6.5CVSS5.8AI score0.00282EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.5 views

CVE-2026-13800

Inappropriate implementation in Updater in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...

7.8CVSS5.8AI score0.00116EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-54136

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in ANGLE, a compatibility layer that allows OpenGL ES APIs to run on non-native platforms, could allow a remote attacker to perform a sandbox escape. Thi...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
OSV
OSV
added 2026/06/24 7:17 p.m.2 views

DEBIAN-CVE-2026-13022

Inappropriate implementation in Autofill in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.9AI score0.00138EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/17 1:38 a.m.9 views

CVE-2026-12463

Inappropriate implementation in Views in Google Chrome on Linux prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

4.7CVSS5.6AI score0.00133EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/07 4:47 a.m.10 views

SUSE CVE-2026-11020

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted XML file. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00221EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/05 12:31 a.m.12 views

EUVD-2026-34660

Inappropriate implementation in WebRTC in Google Chrome prior to 149.0.7827.53 allowed an attacker in a privileged network position to leak cross-origin data via malicious network traffic. Chromium security severity: Medium...

5.8AI score0.00189EPSS
Exploits0References3
CVE
CVE
added 2026/06/04 11:5 p.m.34 views

CVE-2026-11238

CVE-2026-11238 concerns the Google Chrome DevTools implementation. The connected documents state that an insecure DevTools path in Chrome prior to version 149.0.7827.53 allows a user-assisted attack: if a user installs a malicious extension, memory contents from affected processes may be exposed....

5.9CVSS5.8AI score0.0017EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/04 11:5 p.m.8 views

CVE-2026-11232

Inappropriate implementation in TabGroups in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. Chromium security severity: Low...

5.5AI score0.00146EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.16 views

PT-2026-46549

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Extensions allows a remote attacker to leak cross-origin data, which is data from a different origin than the one that requested it, by using a crafte...

9.6CVSS5.8AI score0.00985EPSS
Exploits0References434
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.10 views

PT-2026-46561

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Password Manager allows a remote attacker to leak cross-origin data, which is data from a different domain than the one that initiated the request...

9.6CVSS5.8AI score0.00985EPSS
Exploits0References434
Vulnrichment
Vulnrichment
added 2026/05/06 6:12 p.m.7 views

CVE-2026-7978

Inappropriate implementation in Companion in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to perform OS-level privilege escalation via malicious network traffic. Chromium security severity: Medium...

5.8AI score0.00237EPSS
Exploits0References2
OSV
OSV
added 2026/04/06 4:55 p.m.2 views

CVE-2026-35036 Ech0 Affected by Unauthenticated Server-Side Request Forgery in Website Preview Feature

Ech0 is an open-source, self-hosted publishing platform for personal idea sharing. Prior to 4.2.8, Ech0 implements link preview editor fetches a page title through GET /api/website/title. That is legitimate product behavior, but the implementation is unsafe: the route is unauthenticated, accepts ...

7.5CVSS6AI score0.00327EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/03/04 8:19 p.m.16 views

locutus call_user_func_array vulnerable to Remote Code Execution (RCE) due to Code Injection

Details A Remote Code Execution RCE flaw was discovered in the locutus project v2.0.39, specifically within the calluserfuncarray function implementation. The vulnerability allows an attacker to inject arbitrary JavaScript code into the application's runtime environment. This issue stems from an...

8.1CVSS6.2AI score0.00786EPSS
Exploits1References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/11 6:8 p.m.3 views

CVE-2026-2315

Inappropriate implementation in WebGPU in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

5.6AI score0.08272EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/07 9:27 a.m.11 views

CVE-2019-12731

The Windows versions of Snapview Mikogo, versions before 5.10.2 are affected by insecure implementations which allow local attackers to escalate privileges...

7.8CVSS7AI score0.00313EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2025/10/01 11:25 p.m.5 views

SUSE CVE-2025-11209

Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

8.2CVSS6.5AI score0.00243EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/25 2:53 a.m.6 views

CVE-2025-59484

The use of a broken or risky cryptographic algorithm was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software uses an insecure implementation of the RSA encryption algorithm...

8.7CVSS7AI score0.00115EPSS
Exploits0References1
Rows per page
Query Builder