CVE-2026-7977

An inappropriate implementation flaw was found in the Canvas component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497821223...

Linux Distros Unpatched Vulnerability : CVE-2026-7977

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Canvas in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

DEBIAN-CVE-2026-7977

Inappropriate implementation in Canvas in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-7977

CVE-2026-7977 involves an inappropriate implementation in Canvas in Google Chrome before 148.0.7778.96 that allows a remote attacker to bypass the same-origin policy via a crafted HTML page. Affected software is Google Chrome (Canvas component in Chromium). Root cause is an incorrect Canvas imple...

CVE-2026-7977

Inappropriate implementation in Canvas in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-7977

Inappropriate implementation in Canvas in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-7977

creationtimestamp| type| source ---|---|--- 2026-05-06 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260507 2026-05-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260508...

CVE-2020-7977

GitLab EE 8.8 and later through 12.7.2 has Insecure Permissions...

Linux Distros Unpatched Vulnerability : CVE-2024-7977

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a...

Linux Distros Unpatched Vulnerability : CVE-2016-7977

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ghostscript before 9.21 might allow remote attackers to bypass the SAFER mode protection mechanism and consequently read arbitrary files via the use of the...

Linux Distros Unpatched Vulnerability : CVE-2015-7977

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service NULL pointer dereference via a ntpdc reslist command...

AlmaLinux 8 : firefox (ALSA-2024:7977)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:7977 advisory. firefox: Use-after-free in Animation timeline 128.3.1 ESR Chemspill CVE-2024-9680 Tenable has extracted the preceding description block directly from the AlmaLinux...

Oracle Linux 8 : firefox (ELSA-2024-7977)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-7977 advisory. 128.3.1-2.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 128.3.1 - Add debranding patches Mustafa Gezen - Add OpenELA default preference...

Debian: Security Advisory (DSA-5757-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (openSUSE-SU-2024:0258-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2024:0258-2 Security update for chromium

This update for chromium fixes the following issues: - Chromium 128.0.6613.84 boo1229591 CVE-2024-7964: Use after free in Passwords CVE-2024-7965: Inappropriate implementation in V8 CVE-2024-7966: Out of bounds memory access in Skia CVE-2024-7967: Heap buffer overflow in Fonts CVE-2024-7968: Use...

Debian dsa-5757 : chromium - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5757 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5757-1 [email protected] https://www.debian.org/securit...

Chromium: CVE-2024-7977 Insufficient data validation in Installer

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

SUSE CVE-2024-7977

Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: Medium...

CVE-2024-7977

creationtimestamp| type| source ---|---|--- 2024-08-22 00:07:01+00:00| seen| https://t.me/cvedetector/3839...