40 matches found
CVE-2026-9126 vulnerabilities
Vulnerabilities for packages: chromium...
Chromium: CVE-2026-9126 Use after free in DOM
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-9126
Use after free in DOM in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-9126
CVE-2026-9126 describes a use-after-free in DOM in Google Chrome prior to version 148.0.7778.179 . The vulnerability allows a remote attacker to execute arbitrary code within the browser sandbox via a crafted HTML page. The associated metrics indicate a high-impact, (CVSS 3.1) base score of 8.8 w...
CVE-2026-9126
Use after free in DOM in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
Google Chrome < 148.0.7778.178 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 148.0.7778.178. It is, therefore, affected by multiple vulnerabilities as referenced in the 202605stable-channel-update-for-desktop0841193308 advisory. - Use after free in DOM in Google Chrome on prior to 148.0.7778.179...
CVE-2024-9126
creationtimestamp| type| source ---|---|--- 2025-11-14 05:25:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m5kwxf2io42n 2025-11-14 06:40:53+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m5l34lf546y2...
CVE-2024-9126
Use after free in Internals in Google Chrome on iOS prior to 127.0.6533.88 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a series of curated UI gestures. Chromium security severity: Medium...
CVE-2024-9126
CVE-2024-9126 affects Google Chrome on iOS (Internals component). A use-after-free in Internals could allow heap corruption when a user is guided to perform specific UI gestures. The issue is mitigated by updating Chrome to version 127.6533.88 or later (per Chrome release notes). Exploitation is ...
CVE-2025-9126
creationtimestamp| type| source ---|---|--- 2025-09-06 07:39:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ly5oanbt5y2p...
CVE-2025-27371
In certain IETF OAuth 2.0-related specifications, when the JSON Web Token Profile for OAuth 2.0 Client Authentication mechanism is used, there are ambiguities in the audience values of JWTs sent to authorization servers. The affected RFCs may include RFC 7523, and also RFC 7521, RFC 7522, RFC 910...
CVE-2025-27371
In certain IETF OAuth 2.0-related specifications, when the JSON Web Token Profile for OAuth 2.0 Client Authentication mechanism is used, there are ambiguities in the audience values of JWTs sent to authorization servers. The affected RFCs may include RFC 7523, and also RFC 7521, RFC 7522, RFC 910...
CVE-2025-27371
Technical details for CVE-2025-27371 are not publicly available in the provided documents. The materials do not specify affected products, versions, impact, or remediation. Monitor for updates.
CVE-2025-27371
In certain IETF OAuth 2.0-related specifications, when the JSON Web Token Profile for OAuth 2.0 Client Authentication mechanism is used, there are ambiguities in the audience values of JWTs sent to authorization servers. The affected RFCs may include RFC 7523, and also RFC 7521, RFC 7522, RFC 910...
CVE-2025-27371
In certain IETF OAuth 2.0-related specifications, when the JSON Web Token Profile for OAuth 2.0 Client Authentication mechanism is used, there are ambiguities in the audience values of JWTs sent to authorization servers. The affected RFCs may include RFC 7523, and also RFC 7521, RFC 7522, RFC 910...
Ubuntu 16.04 LTS : libquicktime vulnerabilities (USN-4545-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4545-1 advisory. It was discovered that libquicktime incorrectly handled certain malformed MP4 files. If a user were tricked into opening a specially crafted MP4 file, a...
USN-4545-1: libquicktime vulnerabilities
It was discovered that libquicktime incorrectly handled certain malformed MP4 files. If a user were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause a denial of service resource exhaustion. CVE-2017-9122 It was discovered that libquicktime...
CVE-2017-18663
An issue was discovered on Samsung mobile devices with N7.x software. Because of missing Intent exception handling, systemserver can have a NullPointerException with a crash of a system process. The Samsung IDs are SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126 July 2017...
Code injection
An issue was discovered on Samsung mobile devices with N7.x software. Because of missing Intent exception handling, systemserver can have a NullPointerException with a crash of a system process. The Samsung IDs are SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126 July 2017...
CVE-2017-18663
An issue was discovered on Samsung mobile devices with N7.x software. Because of missing Intent exception handling, systemserver can have a NullPointerException with a crash of a system process. The Samsung IDs are SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126 July 2017...