5864 matches found
firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...
PT-2026-54198
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in DeviceBoundSessionCredentials allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a...
PT-2026-54431
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the StorageAccessAPI allows a remote attacker who has compromised the renderer process to bypass the same origin policy using a crafted HTML page. The...
PT-2026-54158
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in WebAppInstalls allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script loaded...
PT-2026-54116
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in CSS allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script loaded from one...
PT-2026-54314
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the GetUserMedia function allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or...
PT-2026-54332
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Federated Credential Management FedCM API allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts...
PT-2026-54235
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in Blink allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script load...
PT-2026-54099
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description An inappropriate implementation in the Extensions component allows an attacker to bypass the same origin policy—a security mechanism that restricts how a document or script...
PT-2026-54321
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description An inappropriate implementation in CustomTabs allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script...
PT-2026-54299
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the SanitizerAPI allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or...
PT-2026-54201
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the WebView component allows a remote attacker who has already compromised the renderer process to bypass the same origin policy...
firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...
firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...
CVE-2026-13021
Inappropriate implementation in DeviceBoundSessionCredentials in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
EUVD-2026-39036
Inappropriate implementation in DeviceBoundSessionCredentials in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-13021
Inappropriate implementation in DeviceBoundSessionCredentials in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Insufficient validation of untrusted inputs in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass the same-origin policy through a crafted HTML page. Chromium security severity: Low...
OPENSUSE-SU-2026:21043-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issue Update to Firefox 140.12.0 ESR MFSA 2026-58, bsc1268071: - CVE-2026-12289: Privilege escalation in the Graphics: WebRender component. - CVE-2026-12290: Memory safety bug fixed in Firefox ESR 140.12. - CVE-2026-12291: Use-after-free in the...
PT-2026-52039
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.197 Description An inappropriate implementation in DeviceBoundSessionCredentials allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document ...