Lucene search
K

12791 matches found

NVD
NVD
added 2026/06/30 11:17 p.m.12 views

CVE-2026-13874

Race in DataTransfer in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS0.00198EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:38 p.m.20 views

CVE-2026-13990

CVE-2026-13990 affects Google Chrome on Windows, where insufficient validation of untrusted input in DataTransfer can allow a renderer-priviliged attacker to spoof UI via a crafted HTML page. The vulnerability arises from improper input handling in DataTransfer that enables UI spoofing when an at...

6.5CVSS5.8AI score0.00194EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.25 views

CVE-2026-13990

Insufficient validation of untrusted input in DataTransfer in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

0.00194EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.26 views

CVE-2026-13944

Inappropriate implementation in DataTransfer in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

0.00174EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:38 p.m.161 views

CVE-2026-13874

CVE-2026-13874 describes a race in DataTransfer in Google Chrome (Chromium) prior to version 150.0.7871.47 that could allow a remote attacker to read potentially sensitive information from a process’s memory via a crafted HTML page. The issue is a data race in the DataTransfer pathway, with a net...

5.3CVSS5.8AI score0.00198EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-13874

Race in DataTransfer in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.00198EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/06/30 2:42 p.m.5 views

mariadb: Arbitrary code execution via improper parameter validation during SST

A flaw was found in MariaDB server. During the State Snapshot Transfer SST process, a malicious joiner node could exploit improper parameter validation on the donor node. This vulnerability, specifically within the rsync SST method, allows the malicious joiner to execute arbitrary shell commands ...

9.1CVSS6.1AI score0.00654EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/30 2:42 p.m.6 views

mariadb: Arbitrary Code Execution via improper parameter validation during State Snapshot Transfer

A flaw was found in MariaDB. During a State Snapshot Transfer SST, the donor node improperly validates parameters sent by a joiner node. This vulnerability allows a malicious joiner to execute arbitrary shell commands on the donor server through the mariabackup SST method. This could lead to a...

8CVSS6.1AI score0.00567EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/30 1:11 p.m.5 views

mariadb: Arbitrary Code Execution via improper parameter validation during State Snapshot Transfer

A flaw was found in MariaDB. During a State Snapshot Transfer SST, the donor node improperly validates parameters sent by a joiner node. This vulnerability allows a malicious joiner to execute arbitrary shell commands on the donor server through the mariabackup SST method. This could lead to a...

8CVSS6.1AI score0.00567EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/30 1:11 p.m.4 views

mariadb: Arbitrary code execution via improper parameter validation during SST

A flaw was found in MariaDB server. During the State Snapshot Transfer SST process, a malicious joiner node could exploit improper parameter validation on the donor node. This vulnerability, specifically within the rsync SST method, allows the malicious joiner to execute arbitrary shell commands ...

9.1CVSS6.1AI score0.00654EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/30 11:22 a.m.5 views

mariadb: Arbitrary Code Execution via improper parameter validation during State Snapshot Transfer

A flaw was found in MariaDB. During a State Snapshot Transfer SST, the donor node improperly validates parameters sent by a joiner node. This vulnerability allows a malicious joiner to execute arbitrary shell commands on the donor server through the mariabackup SST method. This could lead to a...

8CVSS6.1AI score0.00567EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/30 11:10 a.m.9 views

CVE-2026-40987

A flaw was found in Spring Integration. A malicious or compromised FTP File Transfer Protocol, SFTP SSH File Transfer Protocol, or SMB Server Message Block server can exploit this vulnerability. This allows the server to write arbitrary files with attacker-controlled content to any location on th...

7.1CVSS6.2AI score0.0021EPSS
Exploits0References4
OSV
OSV
added 2026/06/30 10:27 a.m.2 views

SUSE-SU-2026:2702-1 Security update for libsoup

This update for libsoup fixes the following issue - CVE-2026-1801: HTTP Request Smuggling in soupfilterinputstreamreadline bsc1257649...

6.5CVSS6.6AI score0.00376EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/30 9:37 a.m.8 views

EUVD-2026-40275

PROMOD V is using insecure HTTP communication instead of HTTPS. The vulnerability is due to the lack of HTTPS support from 3rd party Digipede server...

7CVSS5.8AI score0.00347EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/30 7:8 a.m.5 views

mariadb: Arbitrary Code Execution via improper parameter validation during State Snapshot Transfer

A flaw was found in MariaDB. During a State Snapshot Transfer SST, the donor node improperly validates parameters sent by a joiner node. This vulnerability allows a malicious joiner to execute arbitrary shell commands on the donor server through the mariabackup SST method. This could lead to a...

8CVSS6.1AI score0.00567EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/30 7:8 a.m.10 views

mariadb: Arbitrary code execution via improper parameter validation during SST

A flaw was found in MariaDB server. During the State Snapshot Transfer SST process, a malicious joiner node could exploit improper parameter validation on the donor node. This vulnerability, specifically within the rsync SST method, allows the malicious joiner to execute arbitrary shell commands ...

9.1CVSS6.1AI score0.00654EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54151

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A race condition in the DataTransfer component allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Recommendations...

9.6CVSS6AI score0.00413EPSS
Exploits0References438
RedHat Linux
RedHat Linux
added 2026/06/29 10:57 p.m.3 views

mariadb: Arbitrary code execution via improper parameter validation during SST

A flaw was found in MariaDB server. During the State Snapshot Transfer SST process, a malicious joiner node could exploit improper parameter validation on the donor node. This vulnerability, specifically within the rsync SST method, allows the malicious joiner to execute arbitrary shell commands ...

9.1CVSS6.1AI score0.00654EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/29 10:57 p.m.3 views

mariadb: Arbitrary Code Execution via improper parameter validation during State Snapshot Transfer

A flaw was found in MariaDB. During a State Snapshot Transfer SST, the donor node improperly validates parameters sent by a joiner node. This vulnerability allows a malicious joiner to execute arbitrary shell commands on the donor server through the mariabackup SST method. This could lead to a...

8CVSS6.1AI score0.00567EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/29 6:30 p.m.5 views

firefox: thunderbird: Use-after-free in the Networking: HTTP component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the Networking: HTTP component...

8.8CVSS5.7AI score0.00382EPSS
Exploits0References6
Rows per page
Query Builder