Lucene search
K

1063 matches found

Nuclei
Nuclei
added 15 hours ago68 views

Apache Tomcat Examples Web Application - Cross-Site Scripting

Apache Tomcat 8.5.50 to 8.5.81, 9.0.30 to 9.0.64, 10.0.0-M1 to 10.0.22, and 10.1.0-M1 to 10.1.0-M16 contain a reflected cross-site scripting caused by displaying unfiltered user data in the Form authentication example, letting attackers execute scripts in victim browsers, exploit requires attacke...

6.1CVSS6.8AI score0.06156EPSS
Exploits0References4
Nuclei
Nuclei
added 15 hours ago58 views

modoboa 2.0.4 - Admin TakeOver

Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4. id: CVE-2023-0777 info: name: modoboa 2.0.4 - Admin TakeOver author: r3Y3r53 severity: critical description: | Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to...

9.8CVSS7AI score0.15088EPSS
Exploits4References4
EUVD
EUVD
added 5 days ago10 views

EUVD-2026-42486

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.115 allowed a local attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6AI score0.00089EPSS
Exploits0References3
Debian CVE
Debian CVE
added 6 days ago5 views

CVE-2026-15115

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.115 allowed a local attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

3.3CVSS6AI score0.00089EPSS
Exploits0
Positive Technologies
Positive Technologies
added 6 days ago9 views

PT-2026-56634

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.115 Description Insufficient validation of untrusted input in WebAppInstalls allows a local attacker to bypass the same origin policy via a crafted HTML page. The same origin policy is a...

9.6CVSS6AI score0.0026EPSS
Exploits0References37
Vulnrichment
Vulnrichment
added 2026/07/06 4:13 p.m.6 views

CVE-2026-40141 High-Severity Vulnerability In Web Application Component of BeyondTrust Remote Support and Privileged Remote Access

A high-severity vulnerability exists in a web application component of BeyondTrust Remote Support and Privileged Remote Access related to the processing of certain input parameters. Insufficient validation of user-supplied input may allow an authenticated attacker with limited privileges to acces...

8.5CVSS6AI score0.00478EPSS
Exploits0References1
CVE
CVE
added 2026/07/01 10:21 p.m.22 views

CVE-2026-14381

CVE-2026-14381 affects Google Chrome’s WebAppInstalls UI. A crafted HTML page can trigger UI spoofing due to an incorrect security UI in WebAppInstalls prior to Chrome 150.0.7871.46. Impact: remote attacker could spoof UI. Mitigation: update to Chrome 150.0.7871.46 or later (Chromium-based). Refe...

6.5CVSS5.8AI score0.00211EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/07/01 12:34 a.m.9 views

EUVD-2026-40809

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

6AI score0.00239EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.6 views

EUVD-2026-40801

Inappropriate implementation in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a malicious file. Chromium security severity: Low...

5.8AI score0.00179EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40784

Inappropriate implementation in WebAppInstalls in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00234EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40558

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to potentially perform a sandbox escape via a malicious file. Chromium security severity: Medium...

5.8AI score0.00272EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.15 views

PT-2026-54648

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description An issue in the WebAppInstalls component allows a remote attacker to perform UI spoofing by using a specially crafted HTML page. UI spoofing is a technique where an attacker mimics a...

9.6CVSS6AI score0.00448EPSS
Exploits0References447
OSV
OSV
added 2026/06/30 11:17 p.m.5 views

DEBIAN-CVE-2026-14131

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.4CVSS5.8AI score0.0018EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:17 p.m.4 views

DEBIAN-CVE-2026-14104

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

9.8CVSS6.2AI score0.00383EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-14097

Inappropriate implementation in WebAppInstalls in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

9.6CVSS0.00234EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.2 views

DEBIAN-CVE-2026-13993

Incorrect security UI in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS5.8AI score0.00154EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-13872

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to potentially perform a sandbox escape via a malicious file. Chromium security severity: Medium...

9.1CVSS0.00272EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:16 p.m.5 views

CVE-2026-13852

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: High...

9.1CVSS0.00289EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:16 p.m.3 views

DEBIAN-CVE-2026-13851

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: High...

9.1CVSS5.8AI score0.00289EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:16 p.m.3 views

DEBIAN-CVE-2026-13852

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: High...

9.1CVSS5.8AI score0.00289EPSS
Exploits0References1
Rows per page
Query Builder