Lucene search
K

953 matches found

EUVD
EUVD
added 2026/07/03 8:35 p.m.8 views

EUVD-2026-41597

Insufficient ui warning of dangerous operations in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

4.3CVSS6AI score0.00398EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/03 8:35 p.m.10 views

EUVD-2026-41569

Improper access control in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

8.1CVSS6AI score0.00312EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/03 8:35 p.m.7 views

CVE-2026-57993

Server-side request forgery ssrf in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

7.4CVSS6AI score0.00603EPSS
Exploits0References2Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/07/03 2:0 p.m.7 views

Microsoft Edge (Chromium-based) Spoofing Vulnerability

Access of resource using incompatible type 'type confusion' in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...

8.1CVSS6AI score0.00329EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.10 views

PT-2026-55648

Name of the Vulnerable Software and Affected Versions Microsoft Edge Chromium-based affected versions not specified Description Improper neutralization of input during web page generation leads to cross-site scripting XSS, a condition where malicious scripts are injected into trusted websites. Th...

6.1CVSS5.8AI score0.0024EPSS
Exploits0References9
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40675

Incorrect security UI in Mobile in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.0019EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.25 views

CVE-2026-14144

Incorrect security UI in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

0.00136EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.7 views

CVE-2026-13982

Incorrect security UI in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

3.1CVSS5.8AI score0.00205EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/29 10:17 a.m.8 views

gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier URI or Service SRV Subject Alternative Names SANs. This could cause the certificate validation process to incorrectly fall back to...

7.1CVSS5.8AI score0.00354EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/06/25 1:1 p.m.5 views

CVE-2026-52690

Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail...

5.9CVSS5.8AI score0.00352EPSS
Exploits0
NVD
NVD
added 2026/06/19 9:16 p.m.13 views

CVE-2026-32208

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Entra ID allows an authorized attacker to perform spoofing over a network...

8.8CVSS0.00282EPSS
Exploits0References1
NVD
NVD
added 2026/06/12 4:16 p.m.16 views

CVE-2026-50009

Netty is a network application framework for development of protocol servers and clients. Prior to version 4.2.15.Final, Netty QUIC exposes the stateless reset token on the network path when using the default HMAC-based connection-ID and stateless-reset-token generators. The reset token for the...

4.8CVSS0.00204EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/12 2:26 p.m.10 views

CVE-2026-5792 Authentication Bypass in Hedef Media's Related Marketing Cloud (RMC)

Authentication bypass by spoofing vulnerability in Hedef Media Promotion Interactive Media Marketing Inc. Related Marketing Cloud RMC allows Brute Force. This issue affects Related Marketing Cloud RMC: through 12052026...

6.5CVSS5.2AI score0.0021EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:3 p.m.9 views

CVE-2026-47639

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

5.4CVSS7AI score0.0051EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.14 views

CVE-2026-33113

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

6.1CVSS7AI score0.00522EPSS
Exploits0References1
Redos
Redos
added 2026/06/10 12:0 a.m.8 views

ROS-20260610-73-0006

The vulnerability in Thunderbird relates to the bypassing of authentication mechanisms through spoofing. Exploiting this vulnerability allows a malicious actor to carry out spoofing attacks remotely...

6.3CVSS5.4AI score0.00157EPSS
Exploits0
EUVD
EUVD
added 2026/06/09 6:30 p.m.13 views

EUVD-2026-35511

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

4.6CVSS7.1AI score0.00505EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 5:17 p.m.16 views

CVE-2026-47640

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

5.4CVSS0.00505EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.17 views

CVE-2026-47637

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network...

5.4CVSS0.00505EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.14 views

CVE-2026-45483

Improper neutralization of input during web page generation 'cross-site scripting' in Microsoft Office Project Server allows an authorized attacker to perform spoofing over a network...

5.4CVSS0.00505EPSS
Exploits0References1
Rows per page
Query Builder