Lucene search
K

8 matches found

EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40739

Insufficient policy enforcement in FileSystem in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00221EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 10:39 p.m.21 views

CVE-2026-14037

CVE-2026-14037 affects Google Chrome (GPU component) due to insufficient policy enforcement in the GPU, enabling a sandbox escape if a renderer is compromised via a crafted HTML page. The vulnerability applies to Chrome versions prior to 150.0.7871.47 and is described with a low severity level bu...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/11 8:48 p.m.9 views

CVE-2026-12024

Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.4AI score0.00158EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.34 views

CVE-2026-11197

Insufficient policy enforcement in Workers in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

0.00201EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/04 11:5 p.m.8 views

CVE-2026-11178

Insufficient policy enforcement in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00152EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/02/26 10:40 p.m.13 views

CVE-2026-28225

Manyfold is exposed to an authorization bypass in older releases. Before version 0.133.1, the get_model method in ModelFilesController loads models with Model.find_param(params[:model_id]) without enforcing policy_scope(), bypassing Pundit authorization, unlike other controllers (e.g., ModelsCont...

6.5CVSS5.4AI score0.00265EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/04/05 1:15 a.m.5 views

CVE-2022-0799

Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file...

8.8CVSS7.8AI score0.00966EPSS
Exploits0References4
OSV
OSV
added 2019/12/10 10:15 p.m.3 views

UBUNTU-CVE-2019-13763

Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page...

4.3CVSS6.8AI score0.01219EPSS
Exploits0References4
Rows per page
Query Builder