Lucene search
K

1067 matches found

CVE
CVE
added 1 hour ago4 views

CVE-2026-45150

Zen is a firefox-based browser. Prior to 1.19.13b, Zen Browser did not provide a persistent, clearly visible security notification when a webpage entered fullscreen mode, allowing an attacker-controlled page to hide the real browser UI and origin information, imitate a trusted website UI, and...

6.3CVSS6.1AI score0.00027EPSS
Exploits0References1
NVD
NVD
added 6 days ago6 views

CVE-2026-57501

Zen is a firefox-based browser. Prior to 1.21.5b, Zen's glance and split-view context-menu actions, Open link in glance and Split link in new tab, load a page-controlled link URL with the System principal instead of the originating page's principal, allowing a malicious web page to place a link t...

0.0029EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 6 days ago6 views

CVE-2026-57501

Zen is a firefox-based browser. Prior to 1.21.5b, Zen's glance and split-view context-menu actions, Open link in glance and Split link in new tab, load a page-controlled link URL with the System principal instead of the originating page's principal, allowing a malicious web page to place a link t...

6AI score0.0029EPSS
Exploits0References4Affected Software1
OSV
OSV
added 6 days ago2 views

CVE-2026-57501 Zen: Context-menu "Open link in glance" / "Split link in new tab" loads a page-controlled link with the System principal, bypassing the web-content scheme restriction

Zen is a firefox-based browser. Prior to 1.21.5b, Zen's glance and split-view context-menu actions, Open link in glance and Split link in new tab, load a page-controlled link URL with the System principal instead of the originating page's principal, allowing a malicious web page to place a link t...

6.1AI score0.0029EPSS
Exploits0References5
Cvelist
Cvelist
added 6 days ago36 views

CVE-2026-57501 Zen: Context-menu "Open link in glance" / "Split link in new tab" loads a page-controlled link with the System principal, bypassing the web-content scheme restriction

Zen is a firefox-based browser. Prior to 1.21.5b, Zen's glance and split-view context-menu actions, Open link in glance and Split link in new tab, load a page-controlled link URL with the System principal instead of the originating page's principal, allowing a malicious web page to place a link t...

0.0029EPSS
Exploits0References3
CVE
CVE
added 6 days ago9 views

CVE-2026-57501

Summary: CVE-2026-57501 affects Zen, a Firefox-based browser. Before version 1.21.5b, the contextual actions “Open link in glance” and “Split link in new tab” could load a page-controlled link URL with the System principal rather than the originating page’s principal, allowing a malicious page to...

6AI score0.0029EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 6 days ago7 views

PT-2026-57005

Name of the Vulnerable Software and Affected Versions Zen versions prior to 1.21.5b Description In the glance and split-view context-menu actions, specifically Open link in glance and Split link in new tab, the browser loads a page-controlled link URL using the System principal instead of the...

6.1AI score0.0029EPSS
Exploits0References5
Hewlett-Packard
Hewlett-Packard
added 2026/06/09 12:0 a.m.11 views

AMD “Zen 5” Processors – RDSEED Failure

AMD has informed HP of a potential security vulnerability in some AMD “Zen 5” Processors, which might allow loss of confidentiality and integrity. AMD is releasing firmware updates to mitigate these vulnerabilities AMD has released updates to mitigate the potential vulnerability. HP has identifie...

7.2CVSS7.5AI score0.00159EPSS
Exploits0Affected Software11
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.16 views

SUSE SLES16 Security Update : kernel (SUSE-SU-2026:21845-1)

The remote SUSE Linux SLES16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21845-1 advisory. The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-2058:...

9.8CVSS7AI score0.0138EPSS
Exploits19References659
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.11 views

CVE-2026-44658

Zen is a firefox-based browser. Prior to 1.19.12b, RSS feed URLs entered by the user are validated to http: or https: in promptForFeedUrl, but item links inside the feed are not subject to the same restriction. The provider maps each RSS/Atom item link into item.url, filters only for presence and...

2.4CVSS5.5AI score0.00157EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.11 views

CVE-2025-54518

A flaw was found in AMD Zen 2-based processors, affecting components such as the kernel and Xen hypervisor. Improper isolation of shared resources within the CPU operation cache could allow an attacker to corrupt instructions executed at a different privilege level. This could potentially result ...

7.3CVSS5.7AI score0.00258EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.9 views

CVE-2026-41431

Zen is a firefox-based browser. Prior to 1.19.9b, Zen Browser ships a Mozilla Application Resource MAR updater org.mozilla.updater that has had all MAR signature verification stripped from the Firefox codebase it was forked from. The MAR files served to users contain zero cryptographic signatures...

8CVSS5.7AI score0.00199EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.10 views

SUSE CVE-2026-46174

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache Make sure resources are not improperly shared in the op cache and cause instruction corruption this way...

6.5CVSS5.8AI score0.00129EPSS
Exploits0References3
NVD
NVD
added 2026/05/28 10:16 a.m.11 views

CVE-2026-46174

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache Make sure resources are not improperly shared in the op cache and cause instruction corruption this way...

8.8CVSS0.00129EPSS
Exploits0References10
ATTACKERKB
ATTACKERKB
added 2026/05/28 9:36 a.m.12 views

CVE-2026-46174

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache Make sure resources are not improperly shared in the op cache and cause instruction corruption this way...

8.8CVSS5.8AI score0.00129EPSS
Exploits0References9Affected Software1
Debian CVE
Debian CVE
added 2026/05/28 9:36 a.m.9 views

CVE-2026-46174

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache Make sure resources are not improperly shared in the op cache and cause instruction corruption this way...

8.8CVSS5.7AI score0.00129EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.8 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper resource isolation in the cache of the x86 CPU AMD Zen2, potentially leading to...

8.8CVSS5.8AI score0.00129EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.21 views

PT-2026-44297

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the x86 CPU AMD Zen2 op cache where shared resources are not properly isolated. This lack of isolation ca...

9.8CVSS6AI score0.03663EPSS
Exploits18References284
SUSE CVE
SUSE CVE
added 2026/05/21 2:55 a.m.13 views

SUSE CVE-2023-20593

An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information...

6.2CVSS6.7AI score0.05794EPSS
Exploits1References63
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: x86/MCE: Always save the CS register in cases of AMD Zen IF Poison errors. The Instruction Fetch IF units on current AMD Zen-based systems do not guarantee a synchronous MC for errors related to poison consumption. Therefore,...

5.5CVSS6.5AI score0.00136EPSS
Exploits0References2
Rows per page
Query Builder