Search

Search Results (363020 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-14046 1 Google 1 Chrome 2026-07-02 4.3 Medium
Inappropriate implementation in CustomTabs in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14047 1 Google 1 Chrome 2026-07-02 4.3 Medium
Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. (Chromium security severity: Low)
CVE-2026-14053 1 Google 1 Chrome 2026-07-02 4.3 Medium
Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14054 1 Google 1 Chrome 2026-07-02 4.3 Medium
Insufficient policy enforcement in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14055 1 Google 1 Chrome 2026-07-02 9.6 Critical
Insufficient validation of untrusted input in Device Trust in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14056 1 Google 1 Chrome 2026-07-02 9.6 Critical
Insufficient validation of untrusted input in Media in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Low)
CVE-2026-14073 1 Google 1 Chrome 2026-07-02 4.3 Medium
Insufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-57350 2026-07-02 7.1 High
Unauthenticated Cross Site Scripting (XSS) in WP Debugging <= 2.12.2 versions.
CVE-2026-57343 2026-07-02 7.1 High
Unauthenticated Cross Site Scripting (XSS) in Real Estate 7 <= 3.5.9 versions.
CVE-2026-27433 2026-07-02 6.5 Medium
Unauthenticated Broken Access Control in Motors <= 5.6.80 versions.
CVE-2026-27412 2026-07-02 8.1 High
Unauthenticated Local File Inclusion in Pearl - Corporate Business <= 3.4.10 versions.
CVE-2026-14077 1 Google 1 Chrome 2026-07-02 4.3 Medium
Inappropriate implementation in Select in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14080 1 Google 1 Chrome 2026-07-02 4.3 Medium
Insufficient validation of untrusted input in TabSwitcher in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via malicious network traffic. (Chromium security severity: Low)
CVE-2026-14082 1 Google 1 Chrome 2026-07-02 6.5 Medium
Race in Storage in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14083 1 Google 1 Chrome 2026-07-02 6.1 Medium
Insufficient validation of untrusted input in HTML in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14084 1 Google 1 Chrome 2026-07-02 8.8 High
Insufficient validation of untrusted input in Chromoting in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: Low)
CVE-2026-14089 1 Google 1 Chrome 2026-07-02 4.3 Medium
Insufficient validation of untrusted input in PopupBlocker in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14095 1 Google 1 Chrome 2026-07-02 9.6 Critical
Insufficient policy enforcement in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14102 1 Google 1 Chrome 2026-07-02 8.8 High
Use after free in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14106 1 Google 1 Chrome 2026-07-02 9.6 Critical
Insufficient validation of untrusted input in Text in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)