5861 matches found
PT-2026-54116
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in CSS allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script loaded from one...
PT-2026-54321
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description An inappropriate implementation in CustomTabs allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script...
PT-2026-54332
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Federated Credential Management FedCM API allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts...
PT-2026-54299
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the SanitizerAPI allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or...
PT-2026-54099
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description An inappropriate implementation in the Extensions component allows an attacker to bypass the same origin policy—a security mechanism that restricts how a document or script...
PT-2026-54158
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in WebAppInstalls allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script loaded...
PT-2026-54235
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in Blink allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script load...
PT-2026-54201
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the WebView component allows a remote attacker who has already compromised the renderer process to bypass the same origin policy...
PT-2026-54198
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in DeviceBoundSessionCredentials allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a...
firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...
firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...
CVE-2026-13021
Inappropriate implementation in DeviceBoundSessionCredentials in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
EUVD-2026-39036
Inappropriate implementation in DeviceBoundSessionCredentials in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-13021
Inappropriate implementation in DeviceBoundSessionCredentials in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Insufficient validation of untrusted inputs in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass the same-origin policy through a crafted HTML page. Chromium security severity: Low...
OPENSUSE-SU-2026:21043-1 Security update for MozillaFirefox
This update for MozillaFirefox fixes the following issue Update to Firefox 140.12.0 ESR MFSA 2026-58, bsc1268071: - CVE-2026-12289: Privilege escalation in the Graphics: WebRender component. - CVE-2026-12290: Memory safety bug fixed in Firefox ESR 140.12. - CVE-2026-12291: Use-after-free in the...
PT-2026-52039
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.197 Description An inappropriate implementation in DeviceBoundSessionCredentials allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document ...
Astra Linux – Vulnerability in Firefox
Bypass of the same-origin policy in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
Astra Linux – Vulnerability in Chromium
Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass the same-origin policy through a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Firefox
Bypass of the same-origin policy in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 148.0.2...