Lucene search
K

3473 matches found

CVE
CVE
added 2026/06/30 10:39 p.m.17 views

CVE-2026-14088

CVE-2026-14088 concerns an uninitialized-use vulnerability in Canvas within Google Chrome on Android . The issue allows a remote attacker to potentially read sensitive information from the process memory through a crafted HTML page, with the impact described as confidential data exposure and the ...

6.5CVSS5.8AI score0.0025EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.17 views

CVE-2026-14042

CVE-2026-14042 concerns Google Chrome Isolated Web Apps. The issue is an inappropriate implementation that allows a remote attacker to perform UI spoofing via a crafted HTML page. It affects Chrome versions prior to 150.0.7871.47 and is described with a Chromium security severity of Low. The prac...

4.3CVSS5.8AI score0.0019EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.23 views

CVE-2026-14024

CVE-2026-14024 : A use-after-free in Ozone within Google Chrome on Linux versions before 150.0.7871.47 allows a remote attacker who entices a user to perform specific UI gestures to potentially trigger heap corruption via a crafted HTML page. Impact is described as high for confidentiality, integ...

8.8CVSS5.8AI score0.00316EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.23 views

CVE-2026-13997

Incorrect security UI in Extensions in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

0.00154EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.6 views

CVE-2026-13965

Use after free in Oilpan in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00379EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.6 views

CVE-2026-13885

Use after free in Skia in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00379EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.24 views

CVE-2026-13871

Insufficient policy enforcement in GuestView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

0.00272EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:37 p.m.13 views

CVE-2026-13803

CVE-2026-13803 describes a Type Confusion in Chrome Tabs affecting Google Chrome prior to 150.0.7871.47. The root cause is a type-confusion vulnerability in the Chrome renderer that could allow a remote attacker who already compromised the renderer process to potentially escape the sandbox by pre...

8.3CVSS5.8AI score0.00303EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.5 views

CVE-2026-13782

Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

10CVSS5.8AI score0.00293EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.5 views

CVE-2026-13780

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.00314EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:37 p.m.29 views

CVE-2026-13776

Type Confusion in Dawn in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

0.00343EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.7 views

CVE-2026-13776

Type Confusion in Dawn in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.8CVSS5.8AI score0.00343EPSS
Exploits0
CVE
CVE
added 2026/06/30 7:32 p.m.15 views

CVE-2026-13449

IBM Business Automation Manager Open Editions (versions 9.0.0–9.4.2) are vulnerable to an XML External Entity (XXE) attack when processing XML data, potentially exposing sensitive information or exhausting memory. Root cause: XXE in XML processing. Impact: confidentiality and availability risks a...

9.1CVSS5.8AI score0.00406EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/30 1:18 p.m.9 views

CVE-2026-44946

A SAML authentication replay vulnerability in Rancher's Assertion Consumer Service ACS handler did not enforce one-time use of SAML assertion, potentially allowing person in the middle attacks against Rancher, affecting Rancher 2.14.0 before 2.14.3,...

9.5CVSS0.00291EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54332

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Federated Credential Management FedCM API allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-54313

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the New Tab Page allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HT...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54291

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A race condition in the WebRTC component on Windows allows a remote attacker to leak cross-origin data by using a specially crafted HTML page. WebRTC Web Real-Time Communication is a...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-54278

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Geolocation feature allows a remote attacker who has already compromised the renderer process to perform UI spoofing. This is achieved by using a...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-54276

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An improper implementation of XML allows a remote attacker to perform Universal Cross-Site Scripting UXSS by using a crafted HTML page to inject arbitrary scripts or HTML. Recommendatio...

9.8CVSS6.1AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-54171

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement within the Network component allows an attacker in a privileged network position to bypass navigation restrictions by using a crafted HTML page...

9.8CVSS5.9AI score0.00413EPSS
Exploits0References448
Rows per page
Query Builder