8206 matches found
PT-2026-38198
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 148.0.7778.96. Description: Insufficient validation of untrusted input in Cast allows an attacker on the local network segment to bypass the same origin policy via malicious network traffic. The same origin policy...
PT-2026-38162
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 148.0.7778.96. Description: An integer overflow in the Network component allows a remote attacker who has compromised the renderer process to bypass the same origin policy, a security mechanism that restricts how a...
PT-2026-38161
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 148.0.7778.96. Description: Insufficient validation of untrusted input in Cross-Origin Resource Sharing (CORS), a mechanism that allows restricted resources on a web page to be requested from another domain, enables a...
JLSEC-2026-388
An insufficiently protected credentials vulnerability fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number...
Security Bulletin: Requests SSL Verification Issue Fixed in 2.32.0
Summary: Requests is an HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value ...
Astra Linux - vulnerability in firefox, thunderbird
Bypass of the same-origin policy in the Request Handling component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
Astra Linux - vulnerability in requests
Requests is an HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of verif...
Astra Linux - vulnerability in linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: LoongArch: mm: Added definitions for p?d_leaf. When I perform the LTP test, the LTP test case ksm06 caused a panic at break_ksm_pmd_entry -> pmd_leaf (Huge page table, but False) -> pte_present (panic). The reason is that pmd_leaf is not define...
Astra Linux - vulnerability in firefox, thunderbird
Bypass of the same-origin policy in the Graphics:Canvas2D component. This vulnerability was fixed in Firefox 142, Firefox ESR 115.27, Firefox ESR 128.14, Firefox ESR 140.2, Thunderbird 142, Thunderbird 128.14, and Thunderbird 140.2...
Astra Linux - vulnerability in liblivemedia
Live555 version 1.08 does not handle MPEG-1 or 2 files properly. Sending two consecutive RTSP SETUP commands for the same track causes a use-after-free error and results in a crash of the daemon...
Astra Linux - vulnerability in firefox
Bypass of the same-origin policy in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
Astra Linux - vulnerability in chromium
Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to bypass the same-origin policy and proxy settings through a crafted HTML page. Chromium security severity: Low...
Astra Linux - vulnerability in linux
In the Linux kernel, the following vulnerabilities have been resolved: NFS: Fixed a use-after-free in nfs4_init_client. KASAN reports a use-after-free when attempting to mount two different exports through two different NICs that belong to the same server. Olga was able to exploit this issue with...
Astra Linux - vulnerability in chromium
Inappropriate implementation in navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass the same-origin policy through a crafted HTML page. Chromium security severity: Low...
Astra Linux - vulnerability in chromium
Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass the same-origin policy through a crafted HTML page. Chromium security severity: Medium...
Astra Linux - vulnerability in firefox, thunderbird
Offscreen Canvas did not properly prevent cross-origin tampering, which could have been used to access image data from another site in violation of the same-origin policy. This vulnerability affects Firefox 116, Firefox ESR 102.14, and Firefox ESR 115.1...
Astra Linux - vulnerability in firefox, thunderbird
Offscreen Canvas did not properly prevent cross-origin tampering, which could allow access to image data from another site in violation of the same-origin policy. This vulnerability affects Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12...
Astra Linux - vulnerability in firefox
When a user opened the Web Extensions context menu, the Web Extension could access the post-redirect URL of the clicked element. If the Web Extension did not have the necessary WebRequest permissions for the hosts involved in the redirection, this would constitute a same-origin violation, allowin...
Astra Linux - vulnerability in linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ksmbd: It is now possible to limit repeated connections from clients with the same IP address. Repeated connections from clients with the same IP address may exhaust the maximum number of connections allowed, thereby preventing...
Astra Linux - vulnerability in chromium
Inappropriate implementations of WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass the same-origin policy through a crafted HTML page...