Lucene search
K

7005 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox, Thunderbird

The Opportunistic Encryption feature of HTTP2 RFC 8164 allows a connection to be transparently upgraded to TLS while maintaining the visual properties of an HTTP connection. This means that the connection remains within the same origin as unencrypted connections on port 80. However, if a second...

6.5CVSS6.7AI score0.00805EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Firefox

When a user opened the Web Extensions context menu, the Web Extension could access the post-redirect URL of the clicked element. If the Web Extension did not have the necessary WebRequest permissions for the hosts involved in the redirection, this would constitute a same-origin violation, allowin...

4.3CVSS6AI score0.00329EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to bypass the same-origin policy and proxy settings through a crafted HTML page. Chromium security severity: Low...

6.5CVSS6.8AI score0.00883EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Firefox, Thunderbird

A violation of the same-origin policy could have allowed the theft of cross-origin URL entries, leading to the leakage of the results of a redirect, through the use of performance.getEntries. This vulnerability affects Firefox 106, Firefox ESR 102.4, and Thunderbird 102.4...

8.1CVSS7.6AI score0.00414EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Offscreen Canvas did not properly prevent cross-origin tampering, which could have been used to access image data from another site in violation of the same-origin policy. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...

5.3CVSS6.6AI score0.00527EPSS
Exploits0References2
NVD
NVD
added 2026/06/19 12:16 a.m.10 views

CVE-2026-12049

Open redirect in pgAdmin 4's multi-factor authentication flow. The MFA validate and register endpoints honoured the user-supplied 'next' query/form parameter without confirming the target pointed back inside pgAdmin, so an authenticated victim who clicked /mfa/validate?next= -- a link typically...

6.1CVSS0.00218EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/18 11:37 p.m.36 views

CVE-2026-12049 pgAdmin 4: Open redirect in multi-factor authentication flow via unvalidated 'next' parameter

Open redirect in pgAdmin 4's multi-factor authentication flow. The MFA validate and register endpoints honoured the user-supplied 'next' query/form parameter without confirming the target pointed back inside pgAdmin, so an authenticated victim who clicked /mfa/validate?next= -- a link typically...

5.3CVSS0.00218EPSS
Exploits0References2
CVE
CVE
added 2026/06/18 11:37 p.m.35 views

CVE-2026-12049

CVE-2026-12049 affects pgAdmin 4. An open redirect vulnerability exists in the MFA flow where the next parameter is not validated against the current origin, allowing an authenticated user to be redirected to an attacker-controlled host via /mfa/validate?next=… This is a trusted-domain redirect r...

6.1CVSS5.4AI score0.00218EPSS
Exploits0References2Affected Software1
SUSE CVE
SUSE CVE
added 2026/06/18 1:59 a.m.6 views

SUSE CVE-2026-12453

Insufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

4.2CVSS5.3AI score0.0018EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/18 1:59 a.m.8 views

SUSE CVE-2026-12456

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. Chromium security severity: High...

4.2CVSS5.2AI score0.00137EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.11 views

PT-2026-50815

Name of the Vulnerable Software and Affected Versions pgAdmin 4 versions 6.0 through 9.15 Description An open redirect exists in the multi-factor authentication MFA flow. The MFA validate and register endpoints, specifically '/mfa/validate', process the user-supplied next query or form parameter...

5.3CVSS5.8AI score0.00218EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.7 views

Siemens RUGGEDCOM RST2428P Insertion of Sensitive Information Into Sent Data (CVE-2025-66035)

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability is a Credential...

7.7CVSS6.3AI score0.00572EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.5 views

RHEL 8 : firefox (RHSA-2026:26606)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:26606 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

9.8CVSS6AI score0.00605EPSS
Exploits0References38
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.7 views

RHEL 8 : firefox (RHSA-2026:26630)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:26630 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

9.8CVSS6AI score0.00605EPSS
Exploits0References38
RedhatCVE
RedhatCVE
added 2026/06/17 8:23 p.m.7 views

CVE-2026-12304

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...

9.1CVSS5.2AI score0.00189EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/17 6:35 p.m.9 views

EUVD-2026-37541

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. Chromium security severity: High...

4.2CVSS5.3AI score0.00137EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/17 6:35 p.m.8 views

EUVD-2026-37538

Insufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

4.2CVSS5.4AI score0.0018EPSS
Exploits0References3
Debian
Debian
added 2026/06/17 6:1 p.m.7 views

[SECURITY] [DSA 6350-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6350-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff June 17, 2026 https://www.debian.org/security/faq -...

9.6CVSS5.6AI score0.00476EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/17 3:44 p.m.8 views

firefox: Same-origin policy bypass in the Networking: HTTP component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: HTTP component...

9.3CVSS5.2AI score0.00194EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/17 3:24 p.m.8 views

firefox: Same-origin policy bypass in the Networking: HTTP component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: HTTP component...

9.3CVSS5.2AI score0.00194EPSS
Exploits0References6
Rows per page
Query Builder