Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a security vulnerability. This vulnerability stemmed from an issue with the ANGLE component where uninitialized resources were used, which could allow remote attackers to exploit th...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a security vulnerability caused by improper implementations in Skia. This vulnerability could allow remote attackers who have compromised rendering processes to exploit the...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a security vulnerability. This vulnerability stemmed from integer overflow in the ANGLE component, which could allow remote attackers to exploit the vulnerability through specially...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.179 contained a security vulnerability. This vulnerability stemmed from insufficient execution of the ServiceWorker strategy, which could allow remote attackers to leak cross-source data through...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability. This vulnerability stemmed from insufficient network policy execution, which could allow remote attackers to leak cross-source data through specially craft...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability, which was caused by a side-channel information leakage issue in the Navigation component. This vulnerability could allow remote attackers to leak...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution by the ViewTransitions component, which could allow remote attackers to exploit the...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 had a vulnerability related to input validation errors. This vulnerability stemmed from insufficient input validation in DevTools, which could allow remote attackers to exploit cross-source da...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution in Search, which could allow remote attackers to leak cross-source data through specially...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability caused by ANGLE integer overflow. This vulnerability could allow remote attackers to exploit the vulnerability through specially crafted HTML pages, resultin...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a buffer overflow vulnerability, which was caused by excessive Skia drawing operations. This vulnerability could allow remote attackers with access to the damaged rendering process t...

RealVuln: Benchmarking Rule-Based, General-Purpose LLM, and Security-Specialized Scanners on Real-World Code

How do security scanners perform on real-world code? We present RealVuln, the first open-source benchmark comparing Rule-Based SAST, General-Purpose LLMs, and Security-Specialized scanners on 26 intentionally vulnerable Python repositories educational and Capture-The-Flag applications with 796...

MCPThreatHive: Automated Threat Intelligence for Model Context Protocol Ecosystems

The rapid proliferation of Model Context Protocol MCP-based agentic systems has introduced a new category of security threats that existing frameworks are inadequately equipped to address. We present MCPThreatHive, an open-source platform that automates the end-to-end lifecycle of MCP threat...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.55 contained a security vulnerability caused by the leakage of side-channel information during navigation. This vulnerability could allow remote attackers to leak cross-source data through...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.55 contained a security vulnerability, which was caused by improper navigation implementations. This vulnerability could allow remote attackers to exploit the system by leaking cross-source data...

CVE-2026-25644

DataHub is an open-source metadata platform. Prior to version 1.3.1.8, the LDAP ingestion source is vulnerable to MITM attack through TLS downgrade. This issue has been patched in version 1.3.1.8...

CVE-2025-2140

IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to spoof email identity of the sender due to improper verification of source data...

CVE-2025-2140 IBM Engineering Requirements Management Doors Next spoofing

IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user on the network to spoof email identity of the sender due to improper verification of source data...

CVE-2025-2140

CVE-2025-2140 affects IBM Engineering Requirements Management DOORS Next versions 7.0.2, 7.0.3, and 7.1. An authenticated network user could spoof the sender email identity due to improper verification of source data. The vulnerability has a CVSS v3.1 base score of 5.7 (I(H), A(N), C(N)) with imp...

PT-2025-41722

Name of the Vulnerable Software and Affected Versions IBM Engineering Requirements Management Doors Next versions 7.0.2 through 7.1 Description An authenticated user on the network may be able to spoof the email identity of the sender due to improper verification of source data. Recommendations...