CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

351 matches found

SUSE CVE•added 2026/05/08 2:25 a.m.•4 views

SUSE CVE-2026-8004

Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Low...

4.3CVSS5.8AI score0.00021EPSS

Exploits0References3

SUSE CVE•added 2026/05/08 2:25 a.m.•4 views

SUSE CVE-2026-8018

Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: Low...

8.1CVSS5.8AI score0.0005EPSS

Exploits0References3

CVE•added 2026/05/06 6:13 p.m.•13 views

CVE-2026-8009

CVE-2026-8009: Google Chrome prior to 148.0.7778.96 has an Inappropriate implementation in Cast that lets a remote attacker who compromised the renderer bypass navigation restrictions via a crafted HTML page. Affected software is Chrome versions before 148.0.7778.96; the root cause is an incorrec...

5CVSS5.8AI score0.0004EPSS

Exploits0References2Affected Software1

EUVD•added 2026/04/09 12:32 a.m.•3 views

EUVD-2026-20721

Incorrect security UI in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.9AI score0.00029EPSS

Exploits0References3

OSV•added 2026/04/08 10:16 p.m.•1 views

DEBIAN-CVE-2026-5918

Inappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

4.3CVSS8.4AI score0.00017EPSS

Exploits0References1

UbuntuCve•added 2026/04/08 10:16 p.m.•1 views

CVE-2026-5913

Out of bounds read in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Low...

8.1CVSS5.8AI score0.00094EPSS

Exploits0References3

EUVD•added 2026/03/12 12:31 a.m.•1 views

EUVD-2026-11472

Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00042EPSS

Exploits0References3

AlpineLinux•added 2026/03/11 10:4 p.m.•3 views

CVE-2026-3942

Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00035EPSS

Exploits0

Debian CVE•added 2026/03/11 10:4 p.m.•2 views

CVE-2026-3940

5.3CVSS5.3AI score0.00032EPSS

Exploits0

Cvelist•added 2026/03/11 10:4 p.m.•22 views

CVE-2026-3938

Insufficient policy enforcement in Clipboard in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

0.0004EPSS

Exploits0References2

Positive Technologies•added 2026/01/13 12:0 a.m.•1 views

PT-2026-31518

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.55 Description A policy bypass issue existed in the Downloads component of Google Chrome. This allowed a remote attacker to circumvent multi-download protections through a specially crafted HTML page...

9.6CVSS5.8AI score0.00161EPSS

Exploits0References65

OpenVAS•added 2025/12/25 12:0 a.m.•4 views

Fedora: Security Advisory (FEDORA-2025-6e0627440a)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.8AI score0.00459EPSS

Exploits15References10

Patchstack•added 2025/11/15 5:40 a.m.•5 views

WordPress Appointment Booking Calendar plugin <= 1.3.95 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin Appointment Booking Calendar versions = 1.3.95...

6.5CVSS6.8AI score0.00051EPSS

Exploits0Affected Software1

Vulnrichment•added 2025/11/07 11:23 p.m.•1 views

CVE-2025-12906

Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

6AI score0.00054EPSS

Exploits0References2

OSV•added 2025/11/06 10:15 p.m.•1 views

AZL-69902 CVE-2025-11219 affecting package nodejs18 18.20.3-11

Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Low...

3.1CVSS7.4AI score0.00037EPSS

Exploits0References1

Patchstack•added 2025/10/06 10:33 p.m.•7 views

WordPress Blocksy Companion plugin <= 2.1.14 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Blocksy Companion versions = 2.1.14...

6.4CVSS5.7AI score0.00034EPSS

Exploits0References1Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-23902

Malicious code in bioql PyPI...

4.3CVSS6.2AI score0.00191EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-57799

Malicious code in bioql PyPI...

4.3CVSS7.3AI score0.00054EPSS

Exploits0References6