Secure Gatev1.0.0新着セキュリティニュース バックナンバー

新着セキュリティニュース バックナンバー

直近表示から外れた情報を確認できます。診断結果とは別情報として扱います。

総件数211878件
表示件数50件/ページ
ページ35

CVE-2026-58299

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Time-of-check time-of-use (toctou) race condition in Microsoft Edge for Android allows an unauthorized attacker to execute code over a network.

CVE-2026-58298

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-58297

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network.

CVE-2026-58296

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network.

CVE-2026-58295

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

CVE-2026-58294

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58293

Threat Intelligence NVD CVE 危険度: high 緊急度: high

External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58292

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58291

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

Operation on a resource after expiration or release in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.

CVE-2026-58290

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58289

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58288

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58287

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58286

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-58285

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58284

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58283

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-58282

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-58278

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-58276

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-57993

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-57992

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-57991

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.

CVE-2026-57988

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Relative path traversal in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-57987

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-57986

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-57985

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-57984

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-57983

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

CVE-2026-57981

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-57977

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-57975

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-57974

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Integer overflow or wraparound in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-56646

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

Exposure of sensitive information to an unauthorized actor in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-56645

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Heap-based buffer overflow in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-55945

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Edge (Chromium-based) allows an authorized attacker to disclose information locally.

CVE-2026-45489

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2026-45488

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-28744

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Gitea versions up to and including 1.26.1 allow Git smart HTTP requests authenticated with bearer tokens to bypass repository token scope checks.

CVE-2026-28740

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Gitea versions up to and including 1.26.2 allow Git LFS object reuse to authorize private source objects for users who have repository access but lack Code-unit access.

CVE-2026-28737

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Gitea versions from 1.25.0 before 1.26.0 allow stored cross-site scripting through the extensionsRequired field in glTF files rendered by the 3D file viewer.

CVE-2026-28705

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

Gitea versions before 1.25.5 use release tag names and asset names as filesystem path components when dumping release assets, allowing specially crafted names to affect dump output paths.

CVE-2026-27780

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

Gitea versions before 1.26.0 do not fail closed on bufio.Scanner errors while processing pre-receive hook input, allowing oversized input to bypass branch-protection checks.

CVE-2026-27779

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

Gitea versions before 1.25.5 accept malformed or injected forwarded-proto values when detecting public URLs, allowing spoofed canonical URL generation.

CVE-2026-27775

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

Gitea 1.25.5 caches a branch-specific write-permission result across multiple refs in one pre-receive hook session, allowing a per-branch maintainer-edit grant to be reused for other refs and escalate to full repository write access.

CVE-2026-27771

Threat Intelligence NVD CVE 危険度: high 緊急度: high

Gitea versions up to and including 1.26.1 have insufficient permission checks for Composer package source links, which can expose private or internal package source information.

CVE-2026-27761

Threat Intelligence NVD CVE 危険度: medium 緊急度: medium

Gitea versions up to and including 1.26.2 allow repository RSS and Atom feed endpoints to bypass API access token scope checks, exposing private repository commit data to tokens without the required repository scope.