|
691
|
5.5 |
MEDIUM
Local
|
-
|
-
|
Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user.
This issue affects Apache HTT…
New
|
CWE-269
Improper Privilege Management
|
CVE-2026-44119
|
2026-06-9 22:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
692
|
8.0 |
HIGH
Network
|
-
|
-
|
VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scri…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-41724
|
2026-06-9 22:16 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
693
|
8.0 |
HIGH
Network
|
-
|
-
|
VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scri…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-41723
|
2026-06-9 22:16 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
694
|
8.0 |
HIGH
Network
|
-
|
-
|
VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scri…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-41722
|
2026-06-9 22:16 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
695
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via…
Update
|
CWE-284
Improper Access Control
|
CVE-2026-11190
|
2026-06-9 21:51 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
696
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restricti…
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-11189
|
2026-06-9 21:51 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
697
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Out of bounds memory access in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security s…
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2026-11191
|
2026-06-9 21:50 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
698
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. (Chromium securi…
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-11192
|
2026-06-9 21:49 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
699
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient policy enforcement in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium securit…
Update
|
CWE-284
Improper Access Control
|
CVE-2026-11193
|
2026-06-9 21:49 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
700
|
8.3 |
HIGH
Network
|
-
|
-
|
Inappropriate implementation in Views in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via …
New
|
CWE-20
Improper Input Validation
|
CVE-2026-11682
|
2026-06-9 20:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
