Lucene search
K

862 matches found

Fedora
Fedora
added 2026/04/25 1:55 a.m.4 views

[SECURITY] Fedora 44 Update: mingw-qt6-qtwebsockets-6.10.3-1.fc44

This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler...

5.1AI score
Exploits0
Snyk
Snyk
added 2026/04/20 10:15 p.m.5 views

Missing Origin Validation in WebSockets

Overview Affected versions of this package are vulnerable to Missing Origin Validation in WebSockets via missing origin validation in all WebSocket endpoints. An attacker can gain unauthorized access to authenticated WebSocket sessions by tricking a logged-in administrator into visiting a malicio...

8.1CVSS5.4AI score0.00176EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/20 10:15 p.m.9 views

Missing Origin Validation in WebSockets

Overview Affected versions of this package are vulnerable to Missing Origin Validation in WebSockets via missing origin validation in all WebSocket endpoints. An attacker can gain unauthorized access to authenticated WebSocket sessions by tricking a logged-in administrator into visiting a malicio...

8.1CVSS5.4AI score0.00176EPSS
Exploits1References2
OSV
OSV
added 2026/04/17 12:9 a.m.4 views

BIT-GITLAB-2026-5173 Exposed Dangerous Method or Function in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.9.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user to invoke unintended server-side methods through websocket connections due to improper access control...

8.5CVSS7.3AI score0.00396EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/04/11 12:32 a.m.7 views

Chromium: CVE-2026-5919 Insufficient validation of untrusted input in WebSockets

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.8AI score0.0019EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/10 6:57 a.m.4 views

CVE-2026-5919

An insufficient validation of untrusted input flaw was found in the WebSockets component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=483423893...

7.7CVSS5.7AI score0.0019EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/04/09 11:29 p.m.6 views

SUSE CVE-2026-5919

Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

6.5CVSS7.3AI score0.0019EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/09 12:32 a.m.7 views

EUVD-2026-20754

Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.9AI score0.0019EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/09 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2026-5919

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer...

6.5CVSS7.3AI score0.0019EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/08 10:25 p.m.18 views

CVE-2026-5173 Exposed Dangerous Method or Function in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.9.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user to invoke unintended server-side methods through websocket connections due to improper access control...

8.5CVSS0.00396EPSS
Exploits0References2
NVD
NVD
added 2026/04/08 10:16 p.m.2 views

CVE-2026-5919

Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

6.5CVSS0.0019EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/04/08 10:16 p.m.4 views

CVE-2026-5919

Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.8AI score0.0019EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/08 9:21 p.m.23 views

CVE-2026-5919

Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

0.0019EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/08 9:21 p.m.3 views

CVE-2026-5919

Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.9AI score0.0019EPSS
Exploits0References2
CVE
CVE
added 2026/04/08 9:21 p.m.22 views

CVE-2026-5919

CVE-2026-5919 affects Google Chrome/Chromium: insufficient validation of untrusted input in WebSockets in the renderer, allowing a remote attacker who has compromised the renderer process to bypass the same-origin policy via a crafted HTML page. Public advisories cite affected Chrome/Chromium bui...

6.5CVSS5.9AI score0.0019EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/08 9:21 p.m.2 views

CVE-2026-5919

Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.9AI score0.0019EPSS
Exploits0References3Affected Software1
AlpineLinux
AlpineLinux
added 2026/04/08 9:21 p.m.5 views

CVE-2026-5919

Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.8AI score0.0019EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.3 views

PT-2026-31548

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 16.9.6 through 18.8.9, 18.9 through 18.9.5, and 18.10 through 18.10.3 Description GitLab CE/EE is affected by an issue where an authenticated user could invoke unintended server-side methods through websocket connections...

8.5CVSS5.8AI score0.00396EPSS
Exploits0References15
OSV
OSV
added 2026/04/07 5:16 p.m.8 views

PYSEC-2026-133

Strawberry GraphQL is a library for creating GraphQL APIs. Strawberry up until version 0.312.3 is vulnerable to an authentication bypass on WebSocket subscription endpoints. The legacy graphql-ws subprotocol handler does not verify that a connectioninit handshake has been completed before...

7.5CVSS5.7AI score0.00424EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/07 12:0 a.m.7 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.55 contained a vulnerability related to input validation errors. This vulnerability stemmed from insufficient validation of untrusted inputs in WebSockets, allowing remote attackers to bypass the...

6.5CVSS7.3AI score0.0019EPSS
Exploits0References3
Rows per page
Query Builder