Vulnerabilidades CVE

A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:

Borrar filtros
CVE ID Publicado Severidad CVSS Descripción
CVE-2026-11308 2026-06-05 MEDIUM 6.3 Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a…
CVE-2026-11231 2026-06-04 HIGH 8.1 Inappropriate implementation in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a malicious file. (Chromium security severity:…
CVE-2026-11229 2026-06-04 MEDIUM 4.6 Inappropriate implementation in Enterprise in Google Chrome prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via physical access to the device. (Chromium security severity: Low)
CVE-2026-11227 2026-06-04 MEDIUM 6.5 Incorrect security UI in Tab Hover Cards in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security…
CVE-2026-11226 2026-06-04 MEDIUM 6.5 Insufficient policy enforcement in PreviewTab in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to…
CVE-2026-11225 2026-06-04 MEDIUM 6.5 Inappropriate implementation in WebUI in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Low)
CVE-2026-11212 2026-06-04 MEDIUM 4.3 Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via…
CVE-2026-11210 2026-06-04 MEDIUM 6.5 Inappropriate implementation in Safe Browsing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted RAR file. (Chromium security severity:…
CVE-2026-11209 2026-06-04 MEDIUM 6.5 Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory…
CVE-2026-11207 2026-06-04 CRITICAL 9.6 Insufficient validation of untrusted input in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via malicious network traffic. (Chromium…
CVE-2026-41237 2026-06-04 N/A 0.0 Froxlor is open source server administration software. In version 2.3.6 and earlier, the LOC record regex uses `\s+` which matches newlines (allowing embedded newlines to pass), TLSA `matchingType=0`…
CVE-2026-41236 2026-06-04 HIGH 8.8 Froxlor is open source server administration software. Version 2.3.6 contains a symlink-following flaw in the root-owned SSH key synchronization path used for customer FTP users. The provisioning code…
CVE-2026-41235 2026-06-04 N/A 0.0 Froxlor is open source server administration software. Version 2.3.6 lets administrators configure `system.available_shells` as the approved shell list that customers may assign to FTP users. However, the server-side…
CVE-2026-41234 2026-06-04 HIGH 7.6 Froxlor is open source server administration software. Prior to version 2.3.7, the `DomainZones.add` API endpoint does not sanitize newline characters in TXT record content. An authenticated customer with…
CVE-2026-20245 2026-06-04 HIGH 7.8 A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a…
CVE-2026-11211 2026-06-04 N/A 0.0 Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security…
CVE-2026-11309 2026-06-05 MEDIUM 4.3 Insufficient policy enforcement in History in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-11237 2026-06-04 HIGH 8.3 Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via…
CVE-2026-11236 2026-06-04 HIGH 8.3 Insufficient policy enforcement in Web Bluetooth in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape…
CVE-2026-11234 2026-06-04 MEDIUM 4.3 Inappropriate implementation in FoldableAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML…
CVE-2026-11233 2026-06-04 MEDIUM 4.7 Insufficient policy enforcement in FoldableAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a…
CVE-2026-11232 2026-06-04 MEDIUM 5.4 Inappropriate implementation in TabGroups in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. (Chromium security severity: Low)
CVE-2026-11228 2026-06-04 MEDIUM 4.3 Inappropriate implementation in File Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI…
CVE-2026-11188 2026-06-04 HIGH 8.8 Use after free in USB in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.…
CVE-2026-11187 2026-06-04 MEDIUM 6.3 Inappropriate implementation in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11186 2026-06-04 MEDIUM 6.1 Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security…
CVE-2026-11184 2026-06-04 MEDIUM 6.3 Insufficient policy enforcement in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11183 2026-06-04 MEDIUM 6.5 Out of bounds read in GWP-ASan in Google Chrome prior to 149.0.7827.53 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file.…
CVE-2026-11150 2026-06-04 N/A 0.0 Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security…
CVE-2026-11148 2026-06-04 N/A 0.0 Inappropriate implementation in Payments in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity:…
CVE-2026-11146 2026-06-04 N/A 0.0 Insufficient validation of untrusted input in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox…
CVE-2026-11145 2026-06-04 N/A 0.0 Race in Geolocation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11144 2026-06-04 N/A 0.0 Use after free in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. (Chromium…
CVE-2026-11143 2026-06-04 N/A 0.0 Out of bounds read in Extensions in Google Chrome on Linux prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to obtain…
CVE-2026-11142 2026-06-04 N/A 0.0 Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity:…
CVE-2026-11141 2026-06-04 N/A 0.0 Uninitialized Use in Audio in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory…
CVE-2026-11140 2026-06-04 N/A 0.0 Out of bounds read in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from…
CVE-2026-11139 2026-06-04 N/A 0.0 Inappropriate implementation in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11138 2026-06-04 N/A 0.0 Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11137 2026-06-04 N/A 0.0 Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium…
CVE-2026-11135 2026-06-04 N/A 0.0 Insufficient policy enforcement in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity:…
CVE-2026-11134 2026-06-04 N/A 0.0 Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11133 2026-06-04 N/A 0.0 Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity:…
CVE-2026-11132 2026-06-04 N/A 0.0 Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity:…
CVE-2026-11131 2026-06-04 N/A 0.0 Use after free in Autofill in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox…
CVE-2026-11129 2026-06-04 N/A 0.0 Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11128 2026-06-04 N/A 0.0 Inappropriate implementation in Web Share in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin…
CVE-2026-11127 2026-06-04 N/A 0.0 Inappropriate implementation in WebAPKs in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted WebAPK. (Chromium security severity: Medium)
CVE-2026-11126 2026-06-04 N/A 0.0 Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a…
CVE-2026-11124 2026-06-04 N/A 0.0 Integer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
« Anterior Página 127 de 4508 Siguiente »