|
2951
|
5.5 |
MEDIUM
Local
|
linaro
|
op-tee
|
OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 4.3.0 and prior t…
|
CWE-843
Type Confusion
|
CVE-2026-45702
|
2026-06-6 01:56 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2952
|
7.5 |
HIGH
Network
|
microsoft
|
exchange_online
|
Improper authorization in Microsoft Exchange Online allows an unauthorized attacker to disclose information over a network.
|
CWE-285
Improper Authorization
|
CVE-2026-48579
|
2026-06-6 01:51 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2953
|
8.8 |
HIGH
Network
|
dlink
|
dwr-m920_firmware
|
A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub_41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument action_value results in…
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-10878
|
2026-06-6 01:48 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2954
|
3.1 |
LOW
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy…
|
CWE-20
Improper Input Validation
|
CVE-2026-11244
|
2026-06-6 01:43 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2955
|
5.4 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
|
CWE-346
Origin Validation Error
|
CVE-2026-11243
|
2026-06-6 01:43 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2956
|
9.8 |
CRITICAL
Network
|
microsoft
|
azure_horizondb
|
Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate privileges over a network.
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2026-48567
|
2026-06-6 01:30 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2957
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject …
|
CWE-20
Improper Input Validation
|
CVE-2026-11205
|
2026-06-6 01:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2958
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Inappropriate implementation in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
|
CWE-346
CWE-352
Origin Validation Error
Origin Validation Error
|
CVE-2026-11200
|
2026-06-6 01:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2959
|
9.6 |
CRITICAL
Network
|
-
|
-
|
Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium secu…
|
CWE-20
Improper Input Validation
|
CVE-2026-11198
|
2026-06-6 01:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2960
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Insufficient policy enforcement in Workers in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML p…
|
CWE-284
Improper Access Control
|
CVE-2026-11197
|
2026-06-6 01:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
