Lucene search
+L

697 matches found

Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-13882

Race in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.8AI score0.00224EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:38 p.m.8 views

CVE-2026-13880

Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.0028EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.27 views

CVE-2026-13876

Inappropriate implementation in Network in Google Chrome prior to 150.0.7871.47 allowed an attacker in a privileged network position to bypass content security policy via malicious network traffic. Chromium security severity: Medium...

0.00227EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.30 views

CVE-2026-13872

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to potentially perform a sandbox escape via a malicious file. Chromium security severity: Medium...

0.00272EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:38 p.m.20 views

CVE-2026-13867

CVE-2026-13867 affects Google Chrome’s Geolocation implementation. The vulnerability arises from an inappropriate Geolocation implementation, enabling a remote attacker to spoof UI via a crafted HTML page. Impact is UI spoofing with no confirmed exploitation details beyond the description; affect...

4.3CVSS5.8AI score0.0023EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.8 views

CVE-2026-13852

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: High...

9.1CVSS5.8AI score0.00289EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.5 views

CVE-2026-13842

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00227EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:37 p.m.24 views

CVE-2026-13839

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

0.00218EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.8 views

CVE-2026-13829

Insufficient validation of untrusted input in Settings in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00297EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:37 p.m.7 views

CVE-2026-13826

Inappropriate implementation in Autofill in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00233EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.9 views

CVE-2026-13823

Use after free in Glic in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00278EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:37 p.m.26 views

CVE-2026-13811

Use after free in IME in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

0.00351EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:37 p.m.23 views

CVE-2026-13799

CVE-2026-13799 is a heap-corruption risk caused by a Use-After-Free in QUIC within Google Chrome prior to 150.0.7871.47. Public sources consistently describe the vulnerability as a QUIC-related use-after-free issue that could be triggered by malicious network traffic, leading to potential heap co...

8.1CVSS5.8AI score0.00298EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.9 views

CVE-2026-13790

Side-channel information leakage in Scroll in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.8AI score0.00299EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:37 p.m.32 views

CVE-2026-13781

Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

0.00314EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54425

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the Speech component allows a remote attacker who has compromised the renderer process to perform UI spoofing through a crafted HTML page. ...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.12 views

PT-2026-54190

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the Autofill feature allows a remote attacker to leak cross-origin data. This occurs when a user is convinced to perform specific UI gestures o...

9.8CVSS6AI score0.00413EPSS
Exploits0References445
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.11 views

PT-2026-54314

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the GetUserMedia function allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or...

9.6CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-54150

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An out of bounds read occurs in the Layout component, which allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. An out...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-54286

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An uninitialized use in codecs allows a remote attacker to obtain potentially sensitive information from process memory by inducing the user to visit a crafted HTML page. Recommendation...

9.6CVSS6AI score0.00413EPSS
Exploits0References448
Rows per page
Query Builder