Lucene search
K

5861 matches found

Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-54116

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in CSS allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script loaded from one...

9.8CVSS6AI score0.00413EPSS
Exploits0References449
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-54321

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description An inappropriate implementation in CustomTabs allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54332

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Federated Credential Management FedCM API allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-54299

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the SanitizerAPI allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.14 views

PT-2026-54099

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description An inappropriate implementation in the Extensions component allows an attacker to bypass the same origin policy—a security mechanism that restricts how a document or script...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-54158

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in WebAppInstalls allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script loaded...

9.8CVSS6AI score0.00413EPSS
Exploits0References449
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.11 views

PT-2026-54235

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in Blink allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script load...

9.6CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-54201

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the WebView component allows a remote attacker who has already compromised the renderer process to bypass the same origin policy...

9.6CVSS6AI score0.00479EPSS
Exploits0References447
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.11 views

PT-2026-54198

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in DeviceBoundSessionCredentials allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a...

9.6CVSS6AI score0.00413EPSS
Exploits0References448
RedHat Linux
RedHat Linux
added 2026/06/29 6:30 p.m.7 views

firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...

9.1CVSS5.7AI score0.00189EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/25 4:16 p.m.10 views

firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...

9.1CVSS5.8AI score0.00189EPSS
Exploits0References6
NVD
NVD
added 2026/06/24 7:17 p.m.8 views

CVE-2026-13021

Inappropriate implementation in DeviceBoundSessionCredentials in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

4.3CVSS0.00143EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/24 6:43 p.m.6 views

EUVD-2026-39036

Inappropriate implementation in DeviceBoundSessionCredentials in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.9AI score0.00143EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/24 6:43 p.m.37 views

CVE-2026-13021

Inappropriate implementation in DeviceBoundSessionCredentials in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

0.00143EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.13 views

Astra Linux – Vulnerability in Chromium

Insufficient validation of untrusted inputs in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass the same-origin policy through a crafted HTML page. Chromium security severity: Low...

6.5CVSS6.9AI score0.0019EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 8:25 a.m.3 views

OPENSUSE-SU-2026:21043-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issue Update to Firefox 140.12.0 ESR MFSA 2026-58, bsc1268071: - CVE-2026-12289: Privilege escalation in the Graphics: WebRender component. - CVE-2026-12290: Memory safety bug fixed in Firefox ESR 140.12. - CVE-2026-12291: Use-after-free in the...

9.6CVSS5.8AI score0.00476EPSS
Exploits0References30
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.15 views

PT-2026-52039

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.197 Description An inappropriate implementation in DeviceBoundSessionCredentials allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document ...

4.3CVSS5.8AI score0.00143EPSS
Exploits0References6
AstraLinux
AstraLinux
added 2026/06/23 11:48 a.m.8 views

Astra Linux – Vulnerability in Firefox

Bypass of the same-origin policy in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS6.1AI score0.00229EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/23 11:48 a.m.7 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass the same-origin policy through a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00187EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/23 11:48 a.m.6 views

Astra Linux – Vulnerability in Firefox

Bypass of the same-origin policy in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 148.0.2...

6.5CVSS5.4AI score0.00112EPSS
Exploits0References3
Rows per page
Query Builder