Lucene search
K
PtsecurityRecent

184484 matches found

Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•7 views

PT-2026-55074

Ghost is a Node.js content management system. From 6.19.4 until 6.21.1, insufficient validation of the client-supplied Content-Type on Ghost's Admin API file upload endpoint allowed uploaded files to be served from the site with an attacker-chosen content type on S3/GCS storage backends. On...

5.4CVSS5.5AI score0.00133EPSS
Exploits0References3
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•7 views

PT-2026-54291

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A race condition in the WebRTC component on Windows allows a remote attacker to leak cross-origin data by using a specially crafted HTML page. WebRTC Web Real-Time Communication is a...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•6 views

PT-2026-54322

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in Extensions allows an attacker to bypass the content security policy if a user is convinced to install a malicious extension. This is achieved through ...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•6 views

PT-2026-54293

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Navigation component allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escape. This is...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•5 views

PT-2026-54299

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the SanitizerAPI allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•5 views

PT-2026-54283

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in PermissionsPolicy allows a remote attacker to bypass navigation restrictions by using a crafted HTML page. Recommendations Update Google Chrome to...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•6 views

PT-2026-54298

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the Network component allows a remote attacker who has compromised the renderer process to leak cross-origin data through a crafted HTML...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•8 views

PT-2026-54264

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Paint component allows a remote attacker to perform UI spoofing by using a crafted HTML page. UI spoofing is a technique where an attacker mimics ...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•6 views

PT-2026-54280

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in CSS allows a remote attacker to leak cross-origin data, which is information from a different origin than the one serving the page, by using a crafted...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•6 views

PT-2026-54295

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Passwords component allows a remote attacker to leak cross-origin data, which is data belonging to a different origin than the one serving the...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•10 views

PT-2026-54302

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An issue in the SplitView security UI allows a remote attacker to perform UI spoofing. This occurs when a user is convinced to perform specific UI gestures while interacting with a...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•7 views

PT-2026-54266

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in DataTransfer allows a remote attacker who has compromised the renderer process to perform UI spoofing via a crafted HTML page...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•9 views

PT-2026-54271

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the Autofill feature allows a remote attacker to perform UI spoofing via a crafted HTML page. UI spoofing is a technique where a...

9.8CVSS6AI score0.00413EPSS
Exploits0References446
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•6 views

PT-2026-54287

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An out of bounds read exists in SurfaceCapture, which allows a remote attacker to perform an out of bounds memory read by using a crafted HTML page. An out of bounds read occurs when th...

9.8CVSS6.1AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•5 views

PT-2026-54273

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description Incorrect security UI in Extensions allows a remote attacker to perform UI spoofing via a crafted HTML page if a user is convinced to engage in specific UI gestures. UI...

9.8CVSS6AI score0.00413EPSS
Exploits0References446
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•10 views

PT-2026-54276

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An improper implementation of XML allows a remote attacker to perform Universal Cross-Site Scripting UXSS by using a crafted HTML page to inject arbitrary scripts or HTML. Recommendatio...

9.8CVSS6.1AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•7 views

PT-2026-54222

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description An inappropriate implementation in ScriptInjections allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Recommendations Update Google Chrom...

9.8CVSS6AI score0.00413EPSS
Exploits0References446
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•5 views

PT-2026-54243

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A heap buffer overflow exists in the V8 engine, which is the open-source JavaScript and WebAssembly engine used by the browser. This flaw allows a remote attacker to execute arbitrary...

9.8CVSS6.5AI score0.00453EPSS
Exploits0References448
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•6 views

PT-2026-54252

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient data validation in the Storage component allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escape. This is achieved...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•6 views

PT-2026-54246

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An uninitialized use in the Media component allows a remote attacker who has already compromised the renderer process to retrieve potentially sensitive information from process memory...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•7 views

PT-2026-54223

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An uninitialized use in XR Extended Reality allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from process memory through a...

9.8CVSS6AI score0.00413EPSS
Exploits0References449
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•4 views

PT-2026-54225

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the Payments component allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML pag...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•6 views

PT-2026-54248

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Paint component allows a remote attacker to perform UI spoofing, which is the act of mimicking a legitimate user interface to deceive users, by...

9.8CVSS6AI score0.00413EPSS
Exploits0References449
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•6 views

PT-2026-54155

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 150.0.7871.47 Description A use after free issue exists in the Bluetooth component. This allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape b...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•9 views

PT-2026-54163

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in Isolated Web Apps allows a remote attacker to bypass the content security policy CSP, which is a security layer used to detect and mitigate certain...

9.8CVSS5.9AI score0.00413EPSS
Exploits0References449
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•8 views

PT-2026-54153

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Network component allows an attacker in a privileged network position to bypass the content security policy CSP, which is a security layer that...

9.8CVSS5.8AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•7 views

PT-2026-54192

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description A use after free issue exists where a remote attacker can potentially exploit heap corruption via a crafted HTML page. This occurs when a user is convinced to perform specific UI...

9.8CVSS6AI score0.00413EPSS
Exploits0References445
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•7 views

PT-2026-54195

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description A use after free issue exists where a remote attacker could potentially exploit heap corruption by inducing the browser to process a crafted HTML page. Use after free is a memory...

9.8CVSS6AI score0.00413EPSS
Exploits0References445
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•5 views

PT-2026-54173

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in Glic allows a remote attacker to bypass navigation restrictions by using a crafted HTML page. Recommendations Update Google Chrome to version...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•7 views

PT-2026-54190

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the Autofill feature allows a remote attacker to leak cross-origin data. This occurs when a user is convinced to perform specific UI gestures o...

9.8CVSS6AI score0.00413EPSS
Exploits0References445
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•9 views

PT-2026-54179

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description An inappropriate implementation allows a remote attacker to perform UI spoofing via a crafted HTML page. UI spoofing is a technique where an attacker mimics a legitimate user...

9.8CVSS6AI score0.00413EPSS
Exploits0References445
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•9 views

PT-2026-54389

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description An inappropriate implementation in the WebAppInstalls component allows a local attacker to perform UI spoofing by using a malicious file. UI spoofing is a technique where an...

9.8CVSS5.9AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•6 views

PT-2026-54362

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A heap buffer overflow exists in the WebNN component of Google Chrome on Windows. A remote attacker who has already compromised the renderer process can exploit heap corruption by...

9.8CVSS6.5AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•6 views

PT-2026-54363

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description An uninitialized use in Canvas allows a remote attacker to obtain potentially sensitive information from process memory by inducing the user to visit a crafted HTML page...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•8 views

PT-2026-54390

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in Cast allows a remote attacker who has compromised the renderer process to perform privilege escalation via a crafted HTML page...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•6 views

PT-2026-54381

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in Text allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTM...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•6 views

PT-2026-54402

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Printing component allows a remote attacker who has already compromised the renderer process to perform UI spoofing by using a specially crafted...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•8 views

PT-2026-54292

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in SVG allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Cross-origin data leakage occurs when a website accesse...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•7 views

PT-2026-54238

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient data validation in the PDF component allows a remote attacker who has already compromised the renderer process to bypass navigation restrictions by using a specially crafte...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•4 views

PT-2026-54208

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Media component on Windows allows a remote attacker who has already compromised the renderer process to perform UI spoofing. This is achieved by...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•8 views

PT-2026-54211

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in Dawn allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTM...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•4 views

PT-2026-54230

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description Insufficient policy enforcement in XML allows a remote attacker to obtain potentially sensitive information from process memory by inducing the user to visit a crafted HTML...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•7 views

PT-2026-54224

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in Extensions allows an attacker to perform UI spoofing through a crafted Chrome Extension if a user is convinced to install the malicious extension...

9.8CVSS5.9AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•9 views

PT-2026-54221

Name of the Vulnerable Software and Affected Versions Google Chrome on Linux versions prior to 150.0.7871.47 Description Insufficient policy enforcement in Extensions allows an attacker to perform UI spoofing through a crafted Chrome Extension, provided they can convince a user to install the...

9.8CVSS6AI score0.00413EPSS
Exploits0References449
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•8 views

PT-2026-54207

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the Actor component allows a remote attacker to bypass navigation restrictions by using a crafted HTML page. Recommendations Update Google Chrome to...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•9 views

PT-2026-54176

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue in HTML allows a remote attacker to execute arbitrary code within a sandbox by inducing the user to open a specially crafted HTML page. Use after free is a memory...

9.8CVSS6.3AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•7 views

PT-2026-54159

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A race condition in the USB component allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape. This is triggered through the us...

9.8CVSS6AI score0.00413EPSS
Exploits0References449
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•8 views

PT-2026-54164

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description An inappropriate implementation in the Near Field Communication NFC component allows a remote attacker who has already compromised the renderer process to leak cross-origin...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•6 views

PT-2026-54165

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue exists within the Extensions component. This flaw allows a remote attacker to execute arbitrary code inside a sandbox by inducing the user to visit a specially...

9.8CVSS6.3AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
•added 2026/06/30 12:0 a.m.•6 views

PT-2026-54172

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Autofill feature allows a remote attacker to perform UI spoofing. This occurs when a user is convinced to perform specific UI gestures while...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Total number of security vulnerabilities184484