862 matches found
[SECURITY] Fedora 44 Update: mingw-qt6-qtwebsockets-6.10.3-1.fc44
This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler...
Missing Origin Validation in WebSockets
Overview Affected versions of this package are vulnerable to Missing Origin Validation in WebSockets via missing origin validation in all WebSocket endpoints. An attacker can gain unauthorized access to authenticated WebSocket sessions by tricking a logged-in administrator into visiting a malicio...
Missing Origin Validation in WebSockets
Overview Affected versions of this package are vulnerable to Missing Origin Validation in WebSockets via missing origin validation in all WebSocket endpoints. An attacker can gain unauthorized access to authenticated WebSocket sessions by tricking a logged-in administrator into visiting a malicio...
BIT-GITLAB-2026-5173 Exposed Dangerous Method or Function in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.9.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user to invoke unintended server-side methods through websocket connections due to improper access control...
Chromium: CVE-2026-5919 Insufficient validation of untrusted input in WebSockets
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-5919
An insufficient validation of untrusted input flaw was found in the WebSockets component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=483423893...
SUSE CVE-2026-5919
Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-20754
Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
Linux Distros Unpatched Vulnerability : CVE-2026-5919
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer...
CVE-2026-5173 Exposed Dangerous Method or Function in GitLab
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.9.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have allowed an authenticated user to invoke unintended server-side methods through websocket connections due to improper access control...
CVE-2026-5919
Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-5919
Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-5919
Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-5919
Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-5919
CVE-2026-5919 affects Google Chrome/Chromium: insufficient validation of untrusted input in WebSockets in the renderer, allowing a remote attacker who has compromised the renderer process to bypass the same-origin policy via a crafted HTML page. Public advisories cite affected Chrome/Chromium bui...
CVE-2026-5919
Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-5919
Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
PT-2026-31548
Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 16.9.6 through 18.8.9, 18.9 through 18.9.5, and 18.10 through 18.10.3 Description GitLab CE/EE is affected by an issue where an authenticated user could invoke unintended server-side methods through websocket connections...
PYSEC-2026-133
Strawberry GraphQL is a library for creating GraphQL APIs. Strawberry up until version 0.312.3 is vulnerable to an authentication bypass on WebSocket subscription endpoints. The legacy graphql-ws subprotocol handler does not verify that a connectioninit handshake has been completed before...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.55 contained a vulnerability related to input validation errors. This vulnerability stemmed from insufficient validation of untrusted inputs in WebSockets, allowing remote attackers to bypass the...