Lucene search
K

524 matches found

CNNVD
CNNVD
added 2026/06/02 12:0 a.m.6 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation. This vulnerability stemmed from insufficient input validation in the DevTools component, which could allow remote attackers to trick users into...

8.8CVSS5.3AI score0.00303EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability. This vulnerability stemmed from insufficient execution of the PreviewTab policy in the Android version, which could allow remote attackers to bypass the...

6.5CVSS5.7AI score0.00151EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability. This vulnerability stemmed from improper implementations in the Canvas library, which could allow remote attackers to bypass the same-origin policy through...

6.5CVSS5.4AI score0.00165EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation. This vulnerability stemmed from insufficient execution of the FoldableAPIs component’s policies, allowing remote attackers to bypass the...

4.7CVSS5.6AI score0.00177EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/30 2:16 a.m.14 views

SUSE CVE-2026-9989

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. Chromium security severity: High...

6.3CVSS5.8AI score0.00107EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/28 10:25 p.m.9 views

CVE-2026-9989

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. Chromium security severity: High...

6.3CVSS5.8AI score0.00107EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/28 10:25 p.m.8 views

CVE-2026-9950

Insufficient validation of untrusted input in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00199EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/27 4:18 p.m.14 views

firefox: Same-origin policy bypass in the Networking: HTTP component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: HTTP component...

9.3CVSS5.7AI score0.00194EPSS
Exploits0References6
OSV
OSV
added 2026/05/27 12:0 a.m.14 views

ALSA-2026:21381 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefox: Sandbox escape in the Profile Backup component...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References40
SUSE CVE
SUSE CVE
added 2026/05/21 1:12 p.m.13 views

SUSE CVE-2026-9115

Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00224EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/20 7:12 p.m.10 views

CVE-2026-9115

Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00224EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/05/20 7:12 p.m.195 views

CVE-2026-9115

CVE-2026-9115 : In Google Chrome, the Service Worker policy enforcement is insufficient prior to 148.0.7778.179, permitting a remote attacker to bypass the same-origin policy via a crafted HTML page. Affected: Chrome/Chromium's Service Worker. Impact is a potential cross-origin bypass as describe...

4.3CVSS5.8AI score0.00224EPSS
Exploits0References2Affected Software1
AlpineLinux
AlpineLinux
added 2026/05/20 7:12 p.m.5 views

CVE-2026-9115

Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.5AI score0.00224EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/20 2:32 a.m.13 views

SUSE CVE-2026-8950

Same-origin policy bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

6.5CVSS5.8AI score0.00194EPSS
Exploits0References12
ATTACKERKB
ATTACKERKB
added 2026/05/19 12:29 p.m.8 views

CVE-2026-8950

Same-origin policy bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

9.3CVSS5.8AI score0.00194EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2026/05/19 12:29 p.m.8 views

CVE-2026-8950

Same-origin policy bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11...

9.3CVSS5.8AI score0.00194EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.12 views

Mozilla Firefox多款产品 访问控制错误漏洞

Mozilla Firefox, among others, are products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Firefox ESR is a extended support version of Firefox the web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla...

9.3CVSS5.8AI score0.00194EPSS
Exploits0References1
NVD
NVD
added 2026/05/06 7:16 p.m.6 views

CVE-2026-7968

Insufficient validation of untrusted input in CORS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

3.1CVSS0.00216EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/06 6:13 p.m.5 views

CVE-2026-8005

Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to bypass same origin policy via malicious network traffic. Chromium security severity: Low...

5.8AI score0.00104EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/29 9:0 a.m.7 views

CVE-2026-42042

A flaw was found in Axios, a promise-based HTTP client. A remote attacker can exploit this vulnerability by manipulating the withXSRFToken configuration property to a truthy non-boolean value. This bypasses the same-origin check, causing Cross-Site Request Forgery XSRF tokens to be sent to...

6.1CVSS5AI score0.00228EPSS
Exploits1References4
Rows per page
Query Builder