Lucene search
K

365581 matches found

EUVD
EUVD
added 20 hours ago4 views

EUVD-2026-40833

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

5.8AI score
Exploits0References3
EUVD
EUVD
added 20 hours ago4 views

EUVD-2026-40692

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score
Exploits0References3
NVD
NVD
added yesterday4 views

CVE-2026-14012

Side-channel information leakage in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS
Exploits0References2
CVE
CVE
added yesterday7 views

CVE-2026-13943

CVE-2026-13943 affects Google Chrome on Android and is caused by uninitialized use in CSS. A crafted HTML page can allow a remote attacker to read potentially sensitive information from process memory. Affected version range is Chrome on Android prior to 150.0.7871.47; the issue is mitigated by u...

6.5CVSS5.8AI score
Exploits0References2
CVE
CVE
added yesterday6 views

CVE-2026-13839

CVE-2026-13839 corresponds to an issue in Google Chrome (CSS handling) where an inappropriate CSS implementation allowed a remote attacker to bypass the same-origin policy via a crafted HTML page. Affected software: Google Chrome prior to version 150.0.7871.47. Root cause: CSS/HTML rendering path...

6.5CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2026/06/10 8:17 p.m.11 views

CVE-2026-46683

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.0, there is a SSRF and local file read vulnerability via the xsl-style-sheet option. This issue has been patched in version 1.7.0...

6.9CVSS0.00249EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/10 7:53 p.m.27 views

CVE-2026-46683 Snappy: SSRF and local file read via the xsl-style-sheet option

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.0, there is a SSRF and local file read vulnerability via the xsl-style-sheet option. This issue has been patched in version 1.7.0...

6.9CVSS0.00249EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/10 7:53 p.m.7 views

CVE-2026-46683 Snappy: SSRF and local file read via the xsl-style-sheet option

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.0, there is a SSRF and local file read vulnerability via the xsl-style-sheet option. This issue has been patched in version 1.7.0...

6.9CVSS5.3AI score0.00249EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/10 7:53 p.m.9 views

EUVD-2026-36112

Snappy is a PHP library allowing thumbnail, snapshot or PDF generation from a url or a html page. Prior to version 1.7.0, there is a SSRF and local file read vulnerability via the xsl-style-sheet option. This issue has been patched in version 1.7.0...

6.9CVSS5.4AI score0.00249EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 3:50 a.m.34 views

CVE-2026-41846 Spring Framework Cross-site Scripting via JSP Form Tags

Spring MVC applications which accept user-supplied values in the cssClass, cssErrorClass, or cssStyle attributes of JSP form tags allow arbitrary HTML/JavaScript code injection, potentially resulting in a cross-site scripting XSS vulnerability. Affected versions: Spring Framework 7.0.0 through...

5.9CVSS0.0014EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.9 views

CVE-2026-49328

Server-Side Request Forgery SSRF in the UrlImageConverter component of Apache Fesod Incubating fesod-sheet before 2.0.2-incubating allows attackers to cause outbound network requests to internal or otherwise restricted resources via a user-supplied image URL. Users are recommended to upgrade to...

5.3CVSS5.4AI score0.00502EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 11:6 p.m.29 views

CVE-2026-11288

The CVE-2026-11288 entry concerns Google Chrome’s CSS policy enforcement. Affects Chrome prior to build 149.0.7827.53, where insufficient policy enforcement in CSS could allow a remote attacker to leak cross-origin data via a crafted HTML page. From the connected sources, the vulnerability is tie...

6.5CVSS5.8AI score0.00197EPSS
Exploits0References2Affected Software1
GithubExploit
GithubExploit
added 2026/06/02 1:2 a.m.62 views

Metasploit-Simulation-lab

🛡️ Metasploit Simulation Lab — Ethical Hacking Training !alt...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability, which was caused by improper CSS implementation. A remote attacker could exploit this vulnerability to leak cross-source data through...

4.3CVSS5.4AI score0.00152EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/01 3:38 p.m.14 views

Malicious code in imgmatrix-analysis (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2a9f964e4264c7bcc91047fdfb9966b1ae807e1e60fafa559d5543ed6e3dc83e During import, the package executes remote commands sourced from a Google Sheet. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

6AI score
Exploits0References1
OSV
OSV
added 2026/06/01 3:38 p.m.16 views

MAL-2026-5123 Malicious code in imgmatrix-analysis (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2a9f964e4264c7bcc91047fdfb9966b1ae807e1e60fafa559d5543ed6e3dc83e During import, the package executes remote commands sourced from a Google Sheet. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

6AI score
Exploits0References1
NVD
NVD
added 2026/06/01 11:16 a.m.12 views

CVE-2026-49328

Server-Side Request Forgery SSRF in the UrlImageConverter component of Apache Fesod Incubating fesod-sheet before 2.0.2-incubating allows attackers to cause outbound network requests to internal or otherwise restricted resources via a user-supplied image URL. Users are recommended to upgrade to...

5.3CVSS0.00502EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/01 10:10 a.m.32 views

CVE-2026-49328 Apache Fesod (Incubating): Improper validation of user-supplied URLs leading to SSRF

Server-Side Request Forgery SSRF in the UrlImageConverter component of Apache Fesod Incubating fesod-sheet before 2.0.2-incubating allows attackers to cause outbound network requests to internal or otherwise restricted resources via a user-supplied image URL. Users are recommended to upgrade to...

0.00502EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/01 10:10 a.m.6 views

CVE-2026-49328

Server-Side Request Forgery SSRF in the UrlImageConverter component of Apache Fesod Incubating fesod-sheet before 2.0.2-incubating allows attackers to cause outbound network requests to internal or otherwise restricted resources via a user-supplied image URL. Users are recommended to upgrade to...

5.8AI score0.00502EPSS
Exploits0References5
CVE
CVE
added 2026/06/01 10:10 a.m.32 views

CVE-2026-49328

CVE-2026-49328 describes a Server-Side Request Forgery (SSRF) in the UrlImageConverter component of Apache Fesod (Incubating) fesod-sheet prior to 2.0.2-incubating. The issue allows an attacker to cause outbound network requests to internal or otherwise restricted resources through a user-supplie...

5.3CVSS5.8AI score0.00502EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder