Lucene search
K

88945 matches found

CVE
CVE
added 2026/06/30 10:38 p.m.11 views

CVE-2026-13972

CVE-2026-13972 affects Google Chrome (Paint) prior to version 150.0.7871.47. Root cause: Inappropriate implementation in Paint allowing a remote attacker to trigger UI spoofing through a crafted HTML page. Impact is UI spoofing with no data disclosure or other impacts stated; impact categories in...

4.3CVSS5.8AI score0.0023EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.25 views

CVE-2026-13972

Inappropriate implementation in Paint in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

0.0023EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.27 views

CVE-2026-13941

Inappropriate implementation in SiteSettings in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

0.0023EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-13915

Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.8AI score0.00316EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.3 views

CVE-2026-13912

Inappropriate implementation in Safe Browsing in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.0023EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.3 views

CVE-2026-13889

Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00296EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.3 views

CVE-2026-13842

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00227EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.4 views

CVE-2026-13838

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.8AI score0.00218EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:37 p.m.11 views

CVE-2026-13837

Summary: CVE-2026-13837 is a Chrome/Chromium UI spoofing flaw caused by an inappropriate CSS implementation in the browser before version 150.0.7871.47. A remote attacker could lure a user to open a crafted HTML page to spoof UI elements. Affected software: Google Chrome (Chromium-based) prior to...

4.3CVSS5.8AI score0.00245EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:37 p.m.15 views

CVE-2026-13793

Summary: CVE-2026-13793 describes insufficient policy enforcement in SVG handling within Google Chrome prior to 150.0.7871.47. The root cause is faulty SVG policy enforcement, which allowed a remote attacker to leak cross-origin data through a specially crafted HTML page. Impact (as stated): Cros...

6.5CVSS5.8AI score0.00233EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:37 p.m.22 views

CVE-2026-13783

CVE-2026-13783 is a Use-After-Free in Views in Google Chrome affecting versions before 150.0.7871.47. The vulnerability could allow a remote attacker to exploit heap corruption by convincing a user to perform specific UI gestures on a crafted HTML page. Several connected sources (NVD, Debian, EUV...

9.6CVSS5.8AI score0.00314EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:8 p.m.10 views

CVE-2025-71374

CVE-2025-71374 affects picklescan prior to 0.0.29. The library fails to detect the built-in Python profile.Profile.run function when used in pickle reduce methods, enabling remote attackers to craft malicious pickle files that bypass detection and achieve code execution upon deserialization. The ...

8.1CVSS6.5AI score0.00638EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/30 5:41 p.m.3 views

ruby/net-imap: ruby: Net::IMAP: IMAP Command Injection via Symbol Arguments

A flaw was found in Net::IMAP, a Ruby library that provides Internet Message Access Protocol IMAP client functionality. This vulnerability allows a remote attacker to inject arbitrary IMAP commands. This is achieved by passing specially crafted symbol arguments to IMAP commands. Successful...

7.1CVSS6AI score0.00813EPSS
Exploits0References8
CVE
CVE
added 2026/06/30 9:10 a.m.12 views

CVE-2026-12076

Vulnerability summary (CVE-2026-12076): Raytha CMS is affected by a SQL Injection in the OData filter parsing pipeline. The flaw allows a remote, unauthenticated attacker to execute arbitrary SQL against a PostgreSQL database, potentially leading to full database compromise and credential extract...

9.3CVSS5.9AI score0.00431EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.8 views

PT-2026-54144

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Geolocation feature allows a remote attacker to perform UI spoofing, which is the act of mimicking a legitimate user interface to deceive users, b...

9.6CVSS6AI score0.00413EPSS
Exploits0References438
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-54347

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the SplitView feature allows a remote attacker to perform UI spoofing, which is the act of mimicking a legitimate user interface to deceive users, by...

9.6CVSS6AI score0.00413EPSS
Exploits0References439
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54254

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the PageInfo component allows a remote attacker to perform UI spoofing, which is the act of mimicking a legitimate user interface to deceive users, by...

9.6CVSS6AI score0.00413EPSS
Exploits0References440
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.4 views

PT-2026-54333

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the Parser allows a remote attacker to bypass the Content Security Policy CSP, which is a security layer used to detect and mitigate certain types of...

9.6CVSS6AI score0.00413EPSS
Exploits0References438
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-54219

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description An uninitialized use in CSS allows a remote attacker to obtain potentially sensitive information from process memory by inducing the user to visit a crafted HTML page...

9.6CVSS6AI score0.00413EPSS
Exploits0References439
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-53980

Name of the Vulnerable Software and Affected Versions IBM watsonx.data intelligence versions 5.2.0 through 5.3.0 Description A remote attacker can obtain sensitive information when the system returns detailed technical error messages in the browser. This exposure of internal data could be leverag...

4.3CVSS6AI score0.00367EPSS
Exploits0References4
Rows per page
Query Builder