Lucene search
K

26594 matches found

NVD
NVD
added 2026/06/30 11:17 p.m.4 views

CVE-2026-14082

Race in Storage in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

6.5CVSS0.0021EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.3 views

DEBIAN-CVE-2026-14021

Insufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00247EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.4 views

CVE-2026-14021

Insufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00247EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.2 views

DEBIAN-CVE-2026-13976

Insufficient data validation in Storage in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.8CVSS5.8AI score0.0018EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.5 views

CVE-2026-13976

Insufficient data validation in Storage in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.8CVSS0.0018EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:54 p.m.15 views

CVE-2026-50110

The CVE-2026-50110 entry concerns Storage Concentrator (SC & SCVM) that contains hardcoded credentials for numerous internal services embedded in a configuration file. The credentials are encoded but reversible to plaintext, exposing accounts for databases, licensing, replication, and third-party...

9.3CVSS5.8AI score0.00128EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/30 10:54 p.m.23 views

CVE-2026-50110 Use of Hard-coded Credentials in StoneFly Storage Concentrator

Storage Concentrator SC & SCVM contains hardcoded credentials for numerous internal services embedded within a configuration file. While the credentials are stored in an encoded format, the encoding can be reversed to plaintext. The exposed credentials span a broad range of internal services,...

9.3CVSS0.00128EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 10:50 p.m.19 views

CVE-2026-56413

CVE-2026-56413 affects StoneFly Storage Concentrator (SC & SCVM). The ms_service.pl component listening on TCP port 9000 is vulnerable to command injection. An unauthenticated remote attacker can send a specially crafted network packet that is processed without proper sanitization, enabling arbit...

10CVSS6.2AI score0.03081EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/30 10:40 p.m.23 views

CVE-2026-56415 OS Command Injection in StoneFly Storage Concentrator

Storage Concentrator SC & SCVM contains a command injection vulnerability within the debug.pl script that is reachable without authentication. A remote attacker can submit a specially crafted HTTP request containing a malicious payload that is processed without adequate input sanitization,...

10CVSS0.03074EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 10:40 p.m.26 views

CVE-2026-56415

The vulnerability CVE-2026-56415 affects the Storage Concentrator (SC & SCVM). The issue is a command injection in the debug.pl script that is reachable without authentication. A remote attacker can send a crafted HTTP request containing a malicious payload which is processed without proper input...

10CVSS6.2AI score0.03074EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.22 views

CVE-2026-14156

Insufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

0.002EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:39 p.m.22 views

CVE-2026-14156

CVE-2026-14156 : Concrete details across multiple sources show an issue in Google Chrome’s StorageAccessAPI where insufficient policy enforcement enables a remote attacker who compromised a renderer process to bypass same-origin policy via a crafted HTML page. Affected component: StorageAccessAPI...

6.5CVSS5.8AI score0.002EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.6 views

CVE-2026-14156

Insufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.8AI score0.002EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.23 views

CVE-2026-14155

Insufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

0.0021EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.4 views

CVE-2026-14155

Insufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.8AI score0.0021EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:39 p.m.20 views

CVE-2026-14155

Technical details are not publicly available in the provided documents for CVE-2026-14155; monitor for updates from the connected sources.

6.5CVSS5.8AI score0.0021EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.24 views

CVE-2026-14082

Race in Storage in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

0.0021EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:39 p.m.18 views

CVE-2026-14082

This CVE (CVE-2026-14082) concerns a Race in Storage in Google Chrome, affecting Chrome versions prior to 150.0.7871.47. The vulnerability allows a remote attacker to leak cross-origin data via a crafted HTML page. According to the connected documents, this issue is described with a Chromium-base...

6.5CVSS5.8AI score0.0021EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.5 views

CVE-2026-14082

Race in Storage in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.8AI score0.0021EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:38 p.m.14 views

CVE-2026-14021

Affected software: Google Chrome (StorageAccessAPI in Chromium). Vulnerability: insufficient policy enforcement allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Versions: prior to 150.0.7871.47. Impact: cross-origin data leakage...

6.5CVSS5.8AI score0.00247EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder