Lucene search
K
Bdu FstecRecent

90336 matches found

BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.4 views

The vulnerability of the Open WebUI web interface, based on artificial intelligence, arises from deficiencies in access control. This allows attackers to gain read, modify, and delete access to data.

The vulnerability of the Open WebUI web interface is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain read, modify, and delete access to data...

8.5CVSS5.8AI score0.00273EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.4 views

The vulnerability of the Open WebUI web interface, based on artificial intelligence, relates to errors in information processing, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the Open WebUI-based web interface is related to errors in information processing. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

4.3CVSS5.8AI score0.0022EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.2 views

The vulnerability of the compare_strings() function in the GnuTLS library allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the comparestrings function in the GnuTLS library is related to shortcomings in the mechanism for handling register-dependent data. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

7.4CVSS5.8AI score0.00566EPSS
Exploits1References8Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.3 views

The vulnerability of the GNU Binutils development environment lies in the execution of a loop with an unreachable exit condition, allowing a hacker to cause a service failure.

The vulnerability of the GNU Binutils development tool lies in the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow an attacker to cause a service failure...

6.2CVSS6AI score0.00152EPSS
Exploits1References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.3 views

The vulnerability of the GNU Binutils development tool, related to uncontrolled resource consumption, allows a perpetrator to trigger a service failure.

The vulnerability of the GNU Binutils development tooling is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a perpetrator to cause a service failure...

5CVSS5.8AI score0.00126EPSS
Exploits0References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.4 views

The vulnerability of the GLPI system for requests, incidents, and inventory management arises from the failure to implement measures to neutralize special elements within the template creation mechanism. This allows a violator to execute arbitrary code.

The vulnerability of the GLPI system for requests, incidents, and inventory management is related to the failure to implement measures to neutralize specific elements in the template creation mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary code...

8.3CVSS6AI score0.0037EPSS
Exploits1References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.3 views

The vulnerability of the GLPI system’s request, incident, and computer equipment inventory management processes, related to the failure to protect the SQL request structure, allows attackers to execute arbitrary code.

The vulnerability of the GLPI system’s request, incident, and computer equipment inventory management processes is related to the lack of measures taken to protect the SQL request structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code...

10CVSS6.1AI score0.08741EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.3 views

The vulnerability of the GLPI system for managing requests, incidents, and inventory of computer equipment arises from the lack of mechanisms to encode or filter output data. This allows a perpetrator to execute arbitrary codes.

The vulnerability of the GLPI system for requests, incidents, and inventory management is related to the lack of mechanisms for encoding or filtering output data. Exploiting this vulnerability allows a malicious actor to execute arbitrary codes remotely...

6.4CVSS6AI score0.00191EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.3 views

The vulnerability of the GLPI system for managing requests, incidents, and inventory of computer equipment arises from the lack of mechanisms for encoding or filtering output data. This allows a violator to execute arbitrary codes.

The vulnerability of the GLPI system for requests, incidents, and inventory management is related to the lack of mechanisms for encoding or shielding output data. Exploiting this vulnerability allows a malicious actor to execute arbitrary codes remotely...

4.8CVSS6AI score0.0028EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.2 views

The vulnerability of the Apache Tomcat application server, related to insufficient protection of registration data, allows attackers to gain unauthorized access to protected information.

The vulnerability of the Apache Tomcat application server is related to insufficient protection of registration data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

7.8CVSS7.1AI score0.00447EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.2 views

The vulnerability of the Apache Tomcat application server, related to flaws in authentication procedures, allows attackers to escalate their privileges.

The vulnerability of the Apache Tomcat application server is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to gain increased privileges remotely...

6.5CVSS6.5AI score0.00469EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.4 views

The vulnerability of the _validate_collection_access() function in the Open WebUI AI-based web interface allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the validatecollectionaccess function in the Open WebUI AI-based web interface relates to bypassing authentication using a user-controlled key. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

7.5CVSS5.8AI score0.00331EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.4 views

The vulnerability of the Open WebUI web interface, based on artificial intelligence, relates to errors in information processing, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the Open WebUI-based web interface is related to errors in information processing. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

6.8CVSS5.8AI score0.00281EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.3 views

The vulnerability in the Open WebUI web interface, related to bypassing authentication using a user-controlled key, allows attackers to gain unauthorized access to protected information.

The vulnerability in the Open WebUI web interface relates to bypassing authentication using a key controlled by the user. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

8.5CVSS5.8AI score0.00346EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.4 views

The vulnerability in the Open WebUI web interface, related to deficiencies in the security measures protecting the structure of web pages, allows attackers to execute XSS attacks.

The vulnerability of the Open WebUI web interface is related to deficiencies in the security measures used to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks using a malicious SVG file...

5.5CVSS5.8AI score0.00165EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.4 views

The vulnerability in the Open WebUI web interface, related to bypassing authentication using a user-controlled key, allows attackers to gain read, modify, or delete access to data.

The vulnerability in the Open WebUI web interface relates to bypassing authentication using a key controlled by the user. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read, modify, or delete data...

4.3CVSS5.8AI score0.00204EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.4 views

The vulnerability of the check_ocsp_response() function in the GnuTLS library, which allows a hacker to bypass existing security mechanisms

The vulnerability of the checkocspresponse function in the GnuTLS library is related to the incorrect order of operation of the input validation mechanism. Exploiting this vulnerability could allow a malicious actor to bypass existing security measures remotely...

3.7CVSS5.7AI score0.0072EPSS
Exploits1References6Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/05/22 12:0 a.m.3 views

The vulnerability of the LDAP service protocol implementation in Microsoft Windows operating systems allows a perpetrator to cause a service failure.

The vulnerability of the LDAP service protocol implementation in Microsoft Windows operating systems is related to pointer manipulation. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00292EPSS
Exploits0References2Affected Software17
BDU FSTEC
BDU FSTEC
added 2026/05/21 12:0 a.m.4 views

The vulnerability of the Microsoft Malware Protection Engine, a component of the Microsoft Defender antivirus protection tool, allows attackers to escalate their privileges.

The vulnerability of the Microsoft Malware Protection Engine, a component of the Microsoft Defender antivirus protection tool, relates to an improper definition of symbolic links before accessing a file. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8CVSS6.1AI score0.08371EPSS
Exploits2References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/21 12:0 a.m.6 views

The vulnerability of the application software interface of the ChromaDB database allows a perpetrator to execute arbitrary code.

The vulnerability of the application software interface of the ChromaDB database management system is related to improper code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.12387EPSS
Exploits2References4
BDU FSTEC
BDU FSTEC
added 2026/05/21 12:0 a.m.3 views

The vulnerability of the cpdavd control panel for web hosting, including cPanel and WordPress Squared, as well as the WebHost Manager administrative panel, allows a hacker to read arbitrary files.

The vulnerability of the cpdavd control panel in web hosting using cPanel and WordPress Squared, as well as the WebHost Manager administration panel, is related to incorrect path name restrictions for restricted access directories. Exploiting this vulnerability could allow a malicious actor to re...

9CVSS5.9AI score0.07244EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2026/05/21 12:0 a.m.2 views

The vulnerability of the tls_crypt_v2_extract_client_key() function in the OpenVPN software allows a hacker to trigger a service failure.

The vulnerability of the tlscryptv2extractclientkey function in the OpenVPN software is related to an uncontrolled and exploitable flaw. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

7.7CVSS5.8AI score0.00317EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/21 12:0 a.m.4 views

The vulnerability of Microsoft Defender Antimalware Platform, related to uncontrolled resource consumption, allows a perpetrator to trigger a service failure.

The vulnerability of Microsoft Defender Antimalware Platform relates to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

4CVSS6.1AI score0.63076EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/21 12:0 a.m.2 views

The vulnerability of the Adobe Photoshop graphic editor allows a hacker to increase their privileges.

The vulnerability of the Adobe Photoshop graphic editor installer is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...

8.2CVSS5.8AI score0.00214EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.2 views

The vulnerabilities of the negotiation mechanisms for SSL and GSS in the PostgreSQL database management system allow attackers to induce service failures.

The vulnerability of the negotiation mechanisms for SSL and GSS in the PostgreSQL database management system is related to an uncontrolled recursion. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

7.8CVSS5.8AI score0.00471EPSS
Exploits0References12Affected Software7
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.1 views

The vulnerabilities of the functions lo_export(), lo_read(), lo_lseek64(), and lo_tell64() in the client library libpq of the PostgreSQL database management system allow a hacker to overwrite the memory of the pg_dump or psql stack.

The vulnerability of the loexport, loread, lolseek64, and lotell64 functions in the PostgreSQL database management system’s client library is related to the use of a potentially dangerous function. Exploiting this vulnerability could allow an attacker to remotely rewrite the pgdump or psql stack...

10CVSS5.8AI score0.00464EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.2 views

The vulnerability of the PostgreSQL database management system, related to the disclosure of information based on temporal discrepancies, allows a perpetrator to disclose protected information.

The vulnerability of the PostgreSQL database management system is related to the disclosure of information based on temporal discrepancies. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information...

6.5CVSS5.7AI score0.00558EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.2 views

The vulnerability of the PostgreSQL database management system, related to integer overflows, allows attackers to cause service interruptions.

The vulnerability of the PostgreSQL database management system is related to integer overflow. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

9CVSS5.8AI score0.00668EPSS
Exploits0References12Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.2 views

The vulnerability of the pg_basebackup and pg_rewind utilities in the PostgreSQL database management system allows a hacker to re-write any files they choose.

The vulnerability of the pgbasebackup and pgrewind utilities in the PostgreSQL database management system is related to deficiencies in the mechanism for handling symbolic references. Exploiting this vulnerability allows a malicious actor to rewrite any files remotely...

10CVSS5.7AI score0.00324EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of the CORS (Cross-Origin Resource Sharing) mechanism in browsers like Google Chrome and Microsoft Edge allows attackers to bypass existing security measures.

The vulnerability of the CORS Cross-Origin Resource Sharing mechanism in Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to bypass existing security measures through a specially created HTML page...

3.1CVSS5.8AI score0.00216EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of the ServiceWorker component in Google Chrome and Microsoft Edge browsers allows a hacker to bypass the sandboxing protection mechanism.

The vulnerability of the ServiceWorker component in Google Chrome and Microsoft Edge is related to a violation of data protection mechanisms. Exploiting this vulnerability could allow an attacker to bypass the sandboxing protection mechanisms...

8.3CVSS5.8AI score0.00222EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the Navigation function in Google Chrome and Microsoft Edge browsers allows attackers to bypass the sandboxing protection mechanisms.

The vulnerability of the Navigation function in Google Chrome and Microsoft Edge is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to bypass the sandboxing protection mechanisms...

8.3CVSS5.8AI score0.00222EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the Google Chrome browser’s Media component, which allows a hacker to execute arbitrary code.

The vulnerability of the Google Chrome browser’s Media component is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS6.1AI score0.00309EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

Vulnerability of function system_domains.ml:30-35() in the RBAC access role management subsystem of the XCP-ng hypervisor and XenServer server virtualization platform, which allows a perpetrator to increase their privileges

The vulnerability of function systemdomains.ml:30-35 in the RBAC access control subsystem of the XCP-ng hypervisor and the XenServer server virtualization platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to elevate their privileges...

9.9CVSS5.8AI score
Exploits0References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.2 views

The vulnerability of the implementation of the ALTER SUBSCRIPTION...REFRESH PUBLICATION command in the PostgreSQL database management system allows a attacker to execute arbitrary SQL queries.

The vulnerability of the ALTER SUBSCRIPTION...REFRESH PUBLICATION command in PostgreSQL database management systems lies in the lack of protective measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

3.7CVSS6AI score0.0018EPSS
Exploits0References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.2 views

The vulnerability of the refint module in the PostgreSQL database management system allows a hacker to execute arbitrary code.

The vulnerability of the refint module in the PostgreSQL database management system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS6.1AI score0.00378EPSS
Exploits0References11Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of the TopChrome component in Google Chrome and Microsoft Edge browsers allows a hacker to bypass the sandboxing protection mechanism.

The vulnerability of the TopChrome component in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to bypass the sandboxing protection mechanisms...

8.3CVSS5.8AI score0.00207EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the Navigation function in Google Chrome and Microsoft Edge browsers allows attackers to bypass existing security mechanisms.

The vulnerability of the Navigation function in Google Chrome and Microsoft Edge is related to a breach of data protection mechanisms. Exploiting this vulnerability allows an attacker to bypass existing security measures through a specially created HTML page...

3.1CVSS5.8AI score0.00195EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of the ANGLE library in Google Chrome browsers allows a hacker to execute arbitrary code or trigger a denial-of-service attack.

The vulnerability of the ANGLE library in Google Chrome browser is related to external control over a web parameter that is assumed to be immutable. Exploiting this vulnerability could allow an attacker to execute arbitrary code or cause a service failure by using a specially created HTML page...

5CVSS6.1AI score0.00207EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of Google Chrome’s WebRTC technology allows attackers to execute arbitrary code or trigger a service failure.

The vulnerability of Google Chrome’s WebRTC technology is related to buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...

10CVSS6.5AI score0.00262EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the setother_config() function in the RBAC access control subsystem of the XCP-ng supervisor and the XenServer server virtualization platform allows a malicious individual to gain unauthorized access to the file system.

The vulnerability of the setotherconfig function in the RBAC access control subsystem of the XCP-ng supervisor and the XenServer server virtualization platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain...

9.9CVSS5.8AI score
Exploits0References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.6 views

The vulnerability of the map_keys_roles() function in the RBAC role management subsystem of the XCP-ng hypervisor and the XenServer server virtualization platform allows a perpetrator to bypass existing security mechanisms.

The vulnerability of the mapkeysroles function in the RBAC role management subsystem of the XCP-ng hypervisor and the XenServer server virtualization platform is related to the absence of authentication. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms...

8.5CVSS5.7AI score
Exploits0References8Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.2 views

The vulnerability of the hvm_serial component in the Role-Based Access Control (RBAC) access management subsystem of the XCP-ng hypervisor and the XenServer server virtualization platform allows a perpetrator to gain write access to arbitrary files.

The vulnerability of the hvmserial component in the Role-Based Access Control RBAC access management subsystem of the XCP-ng hypervisor and the XenServer server virtualization platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor,...

8.5CVSS5.9AI score
Exploits0References9Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.2 views

The vulnerability of the timeofday() function in the PostgreSQL database management system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the timeofday function in the PostgreSQL database management system is related to the use of uncontrolled format strings. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

4.3CVSS5.8AI score0.00208EPSS
Exploits0References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.2 views

The vulnerability of the CREATE TYPE command in the PostgreSQL database management system allows attackers to execute arbitrary SQL functions.

The vulnerability of the CREATE TYPE command in the PostgreSQL database management system is related to the lack of authorization. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL functions remotely...

5.5CVSS6AI score0.00159EPSS
Exploits0References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the user interface of the Cisco Catalyst SD-WAN Manager centralized system management platform allows a perpetrator to disclose protected information.

The vulnerability of the user interface of the Cisco Catalyst SD-WAN Manager centralized system management system is related to insufficient protection of operational data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

5.5CVSS5.7AI score0.00194EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.2 views

The vulnerability of the pg_createsubscriber function in the PostgreSQL database management system allows a hacker to execute arbitrary SQL queries.

The vulnerability of the pgcreatesubscriber function in the PostgreSQL database management system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries remotely...

9CVSS6AI score0.00287EPSS
Exploits0References6Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the PAN-OS operating system, related to the incorrect checking for unusual or exceptional conditions, allows a perpetrator to trigger a service failure.

The vulnerability of the PAN-OS operating system is related to improper checking for unusual or exceptional conditions. Exploiting this vulnerability can allow a remote attacker to cause service failures...

7.8CVSS5.8AI score0.00338EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.3 views

The vulnerability of the Navigation function in Google Chrome and Microsoft Edge browsers allows attackers to bypass the sandboxing protection mechanisms.

The vulnerability of the Navigation function in Google Chrome and Microsoft Edge is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to bypass the sandboxing protection mechanisms...

8.3CVSS5.8AI score0.00237EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/20 12:0 a.m.4 views

The vulnerability of the Speech component in Google Chrome and Microsoft Edge browsers allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Speech component in Google Chrome and Microsoft Edge is related to synchronization errors when using a common resource “Race Situation”. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created HT...

5.4CVSS5.8AI score0.00176EPSS
Exploits0References3Affected Software2
Total number of security vulnerabilities90336