1974 matches found
ECHO-FF4F-EC7B-6024
Bulletin has no description...
ECHO-7056-FB40-88E9
Bulletin has no description...
EUVD-2026-40746
Insufficient policy enforcement in Related-Website-Sets in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2026-14059
Insufficient policy enforcement in Related-Website-Sets in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14059
Insufficient policy enforcement in Related-Website-Sets in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14059
Insufficient policy enforcement in Related-Website-Sets in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14059
CVE-2026-14059 concerns Google Chrome (Chromium) and describes insufficient policy enforcement in the Related-Website-Sets mechanism. The vulnerability allows a remote attacker to leak cross-origin data via a crafted HTML page. Affected software version: Chrome prior to 150.0.7871.47 (Chromium ba...
CVE-2026-14059
Insufficient policy enforcement in Related-Website-Sets in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
PT-2026-54334
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in Related-Website-Sets allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Cross-origin data leakage occurs when ...
DEBIAN-CVE-2026-53043
In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: validate qrnumregions in dlmmatchregions Patch series "ocfs2/dlm: fix two bugs in dlmmatchregions". In dlmmatchregions, the qrnumregions field from a DLMQUERYREGION network message is used to drive loops over the...
CVE-2026-47378
CVE-2026-47378 concerns NocoDB, where before 2026.04.1 public shared-view endpoints could expose hidden-column values through three paths: (1) groupBy could return raw values for any column named in the request, (2) filter and sort arrays operated on hidden columns allowed boolean-blind extractio...
CVE-2026-47378 NocoDB: Hidden Column Exposure in Public Shared View Endpoints
NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, Public shared-view endpoints exposed values from columns that the view owner had hidden, via three independent paths: groupBy returned raw values for any column named in the request, filter and sort arrays operated on...
CVE-2026-47378
NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, Public shared-view endpoints exposed values from columns that the view owner had hidden, via three independent paths: groupBy returned raw values for any column named in the request, filter and sort arrays operated on...
CVE-2026-57062
CVE-2026-57062: The CMS parsing in GnuPG’s gpgsm (up to version 2.5.20) mishandles AES-GCM when processing CMS structures, accepting an aes-ICVlen of 4 bytes instead of the required 12. This is a component/format handling flaw in GnuPG’s CMS implementation. The CVE record cites a related issue (C...
CVE-2025-71357
creationtimestamp| type| source ---|---|--- 2026-06-21 16:28:41+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3moss4gcist27 2026-06-21 17:23:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mosv6sga2a2k...
EUVD-2026-36542
parse-server: Relation $relatedTo query bypasses protectedFields and owning-object ACL...
MINI-59PF-6WXG-J9PX
Bulletin has no description...
CVE-2026-53726
Parse Server contains a vulnerability in the relation query operator $relatedTo. Before versions 8.6.80 and 9.9.1-alpha.6, an unauthenticated client with public API credentials could read membership of a Relation field protected by protectedFields or object ACLs, potentially enumerating objects l...
CVE-2026-5792
Authentication bypass by spoofing vulnerability in Hedef Media Promotion Interactive Media Marketing Inc. Related Marketing Cloud RMC allows Brute Force. This issue affects Related Marketing Cloud RMC: through 12052026...
CVE-2026-50083
The Aqara IAM/SSO Gateway gw-builder.aqara.com used a hardcoded OAuth client credential, which is an instance of "CWE-798: Use of Hard-coded Credentials." This issue has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 9.1 Critical. When combined with CVE-2026-50082, CVE-50084, a...