Lucene search
K

524 matches found

Cvelist
Cvelist
added 2026/06/30 10:37 p.m.20 views

CVE-2026-13839

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

0.00218EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-54115

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in CSS allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script loaded from one...

9.6CVSS6AI score0.00413EPSS
Exploits0References439
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-54380

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the Speech component allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script...

9.6CVSS6AI score0.00413EPSS
Exploits0References438
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-13021

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in DeviceBoundSessionCredentials in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to bypass same origin policy vi...

4.3CVSS5.9AI score0.00143EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 7:17 p.m.3 views

DEBIAN-CVE-2026-13021

Inappropriate implementation in DeviceBoundSessionCredentials in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.9AI score0.00143EPSS
Exploits0References1
CVE
CVE
added 2026/06/24 6:43 p.m.106 views

CVE-2026-13021

Google Chrome prior to 149.0.7827.197 contains an inappropriate implementation in DeviceBoundSessionCredentials that can allow a remote attacker to bypass the same-origin policy via a crafted HTML page. The CVE description notes a Chromium-based issue with High severity; updates to Chrome are ref...

4.3CVSS5.9AI score0.00143EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/24 6:43 p.m.5 views

CVE-2026-13021

Inappropriate implementation in DeviceBoundSessionCredentials in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.9AI score0.00143EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to bypass the same-origin policy and proxy settings through a crafted HTML page. Chromium security severity: Low...

6.5CVSS6.8AI score0.00883EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.7 views

RHEL 8 : firefox (RHSA-2026:26630)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:26630 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

9.8CVSS6AI score0.00605EPSS
Exploits0References38
RedHat Linux
RedHat Linux
added 2026/06/17 11:2 a.m.6 views

firefox: Same-origin policy bypass in the Networking: HTTP component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: HTTP component...

9.3CVSS5.2AI score0.00194EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/17 8:14 a.m.7 views

firefox: Same-origin policy bypass in the Networking: HTTP component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: HTTP component...

9.3CVSS5.2AI score0.00194EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/16 11:52 a.m.9 views

EUVD-2026-37095

Same-origin policy bypass in the Networking: Cookies component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

9.1CVSS5.2AI score0.00189EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/13 2:28 a.m.9 views

SUSE CVE-2026-12024

Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.3AI score0.00158EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/12 12:57 p.m.30 views

CVE-2026-49993 @nuxt/webpack-builder and @nuxt/rspack-builder dev server same-origin check bypassed when Sec-Fetch-Site, Origin, and Referer are all absent (incomplete fix for GHSA-6m52-m754-pw2g)

Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder from versions 3.15.4 to before 3.21.7 and 4.0.0 to before 4.4.7, there is an incomplete fix for GHSA-6m52-m754-pw2g. Source code may still be stolen during dev when using the webpack /...

5.9CVSS0.0028EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2026-12024

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker to bypass same origin policy via a crafted HTML...

6.5CVSS5.4AI score0.00158EPSS
Exploits0References2
OSV
OSV
added 2026/06/11 10:16 p.m.7 views

DEBIAN-CVE-2026-12024

Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.4AI score0.00158EPSS
Exploits0References1
CVE
CVE
added 2026/06/11 8:48 p.m.33 views

CVE-2026-12024

CVE-2026-12024 affects Google Chrome DevTools with insufficient policy enforcement, allowing a remote attacker to bypass the same-origin policy via a crafted HTML page. The vulnerability is associated with Chrome prior to 149.0.7827.115. According to the connected sources, this is mitigated by up...

6.5CVSS5.5AI score0.00158EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.9 views

CVE-2026-12024

Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

5.3AI score0.00158EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:51 a.m.11 views

SUSE CVE-2026-10912

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.5AI score0.0028EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:44 a.m.12 views

SUSE CVE-2026-11133

Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00202EPSS
Exploits0References2
Rows per page
Query Builder