
3699 matches found

Cvelist
added 3 days ago, 21 views

CVE-2026-14138

Inappropriate implementation in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

EPSS: 0.00163
Exploits: 0, References: 2
Cvelist
added 3 days ago, 20 views

CVE-2026-14099

Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Low...

EPSS: 0.00255
Exploits: 0, References: 2
Cvelist
added 3 days ago, 22 views

CVE-2026-14028

Incorrect security UI in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

EPSS: 0.00163
Exploits: 0, References: 2
CVE
added 3 days ago, 7 views

CVE-2026-14005

Google Chrome for Android is affected by a use-after-free in Omnibox leading to potential heap corruption via a crafted HTML page. This vulnerability requires user interaction (UI gestures) and can impact confidentiality, integrity, and availability as per CVSS. Affected component: Chrome Android...

CVSS: 8.8, AI score: 5.8, EPSS: 0.00253
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 3 days ago, 21 views

CVE-2026-13997

Incorrect security UI in Extensions in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

EPSS: 0.00154
Exploits: 0, References: 2
Cvelist
added 3 days ago, 20 views

CVE-2026-13986

Inappropriate implementation in Media UI in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

EPSS: 0.00186
Exploits: 0, References: 2
Cvelist
added 3 days ago, 21 views

CVE-2026-13973

Inappropriate implementation in UI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

EPSS: 0.00186
Exploits: 0, References: 2
Cvelist
added 3 days ago, 21 views

CVE-2026-13956

Incorrect security UI in PageInfo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

EPSS: 0.00186
Exploits: 0, References: 2
CVE
added 3 days ago, 6 views

CVE-2026-13907

CVE-2026-13907 describes an inappropriate implementation in iOSWeb in Google Chrome on iOS (versions prior to 150.0.7871.47) that could allow UI spoofing when a user is guided to perform specific UI gestures on a crafted HTML page. Impact is described as Medium (CVSS 4.2); remediation or patch de...

CVSS: 4.2, AI score: 5.8, EPSS: 0.00212
Exploits: 0, References: 2, Affected Software: 1
CVE
added 3 days ago, 10 views

CVE-2026-13895

CVE-2026-13895 concerns an inappropriate implementation in Google Chrome’s Autofill component (Chromium) prior to version 150.0.7871.47. A remote attacker could trigger UI spoofing by persuading a user to perform specific UI gestures on a crafted HTML page. The documented impact is limited to UI ...

CVSS: 4.2, AI score: 5.8, EPSS: 0.00212
Exploits: 0, References: 2, Affected Software: 1
CVE
added 3 days ago, 11 views

CVE-2026-13860

Google Chrome on Windows is affected by CVE-2026-13860 due to an Incorrect security UI in Autofill, allowing UI spoofing when a user is induced to perform specific UI gestures via a crafted HTML page. The issue affects Chrome versions prior to 150.0.7871.47; exploitation requires user interaction...

CVSS: 4.2, AI score: 5.8, EPSS: 0.00199
Exploits: 0, References: 2, Affected Software: 1
Debian CVE
added 3 days ago, 3 views

CVE-2026-13807

Use after free in Import in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a malicious file. Chromium security severity: High...

CVSS: 7.5, AI score: 6.2, EPSS: 0.00286
Exploits: 0
CVE
added 3 days ago, 7 views

CVE-2026-13802

CVE-2026-13802 is a use-after-free vulnerability in Chrome’s Views component that can enable arbitrary code execution when a user is tricked into specific UI gestures on a crafted HTML page. The public reports (NVD, Debian OSV, ENISA EUVD, CVE List, and related vendor advisories) consistently des...

CVSS: 7.5, AI score: 6.2, EPSS: 0.0031
Exploits: 0, References: 2, Affected Software: 1
Vulnrichment
added 4 days ago, 6 views

CVE-2026-12912 Libtiff: libtiff: heap-based buffer overflow via crafted pixarlog-compressed tiff image

A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding PixarLog codec images with the PIXARLOGDATAFMT_8BITABGR output format and a specific stride value, leading to a heap-base...

CVSS: 7.3, AI score: 6.7, EPSS: 0.0023
Exploits: 0, References: 5
ATTACKERKB
added 4 days ago, 6 views

CVE-2026-12912

A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding PixarLog codec images with the PIXARLOGDATAFMT_8BITABGR output format and a specific stride value, leading to a heap-base...

CVSS: 7.3, AI score: 6.7, EPSS: 0.0023
Exploits: 0, References: 6
OSV
added 4 days ago, 5 views

PYSEC-2026-332 ExecuTorch integer overflow vulnerability

An integer overflow vulnerability in the loading of ExecuTorch models can cause objects to be placed outside their allocated memory area, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 0830af8207240df8d7f35b984cdf8bc35d74fa73...

CVSS: 9.8, AI score: 6.5, EPSS: 0.00571
Exploits: 0, References: 6
Positive Technologies
added 4 days ago, 10 views

PT-2026-53316

Name of the Vulnerable Software and Affected Versions: libtiff, affected versions not specified. Description: A heap-based buffer overflow exists in the PixarLog decoder. A remote attacker can trigger this issue by providing a specially crafted PixarLog-compressed TIFF image. The flaw occurs during t...

CVSS: 7.3, AI score: 6.6, EPSS: 0.0023
Exploits: 0, References: 7
AstraLinux
added 2026/06/24 3:11 p.m., 7 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATE_BV[i] in the guest XSAVE state whenever XFD[i]=1. When loading the guest XSAVE state via KVM_SET_XSAVE, and when updating XFD in response to a guest WRMSR, the disabled features in XSTATE_BV are cleared to ensure tha...

CVSS: 5.5, AI score: 5.9, EPSS: 0.00198
Exploits: 0, References: 3
CVE
added 2026/06/23 3:17 p.m., 7 views

CVE-2025-15619

Technical details about CVE-2025-15619 are not publicly available in the provided documents. No affected products, versions, or remediation are specified. Monitor for updates.

CVSS: 3.5, AI score: 5.8, EPSS: 0.00098
Exploits: 0, References: 1
EUVD
added 2026/06/23 3:17 p.m., 8 views

EUVD-2025-210310

HCL Connections contains a broken access control vulnerability that may allow an unauthorized user to view data in a single specific scenario...

CVSS: 3.5, AI score: 5.8, EPSS: 0.00098
Exploits: 0, References: 1