Lucene search
K

23 matches found

EUVD
EUVD
added 9 hours ago4 views

EUVD-2026-40507

Use after free in Canvas in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6.2AI score
Exploits0References3
CVE
CVE
added yesterday2 views

CVE-2026-13840

CVE-2026-13840 involves insufficient policy enforcement in Canvas within Google Chrome prior to version 150.0.7871.47, allowing a remote attacker to leak cross-origin data via a crafted HTML page. The vulnerability is described as a canvas policy enforcement issue, with high severity. The availab...

5.8AI score
Exploits0References2
CVE
CVE
added yesterday6 views

CVE-2026-13821

CVE-2026-13821 affects Google Chrome. A use-after-free in Canvas allows a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. Vulnerable are Chrome versions prior to 150.0.7871.47. Impact is high. The issue is mitigated by upgrading to Chrome 150.0.7871.47 or new...

6.2AI score
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:45 a.m.8 views

SUSE CVE-2026-11081

Inappropriate implementation in Canvas in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00165EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/05 12:31 a.m.11 views

EUVD-2026-34597

Use after free in Canvas in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-11081

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Canvas in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.5CVSS5.5AI score0.00165EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.28 views

CVE-2026-11136

Use after free in Canvas in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

0.0028EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/07 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-7977

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Canvas in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.3CVSS5.9AI score0.00157EPSS
Exploits0References2
CVE
CVE
added 2026/05/06 6:12 p.m.16 views

CVE-2026-7977

CVE-2026-7977 involves an inappropriate implementation in Canvas in Google Chrome before 148.0.7778.96 that allows a remote attacker to bypass the same-origin policy via a crafted HTML page. Affected software is Google Chrome (Canvas component in Chromium). Root cause is an incorrect Canvas imple...

6.3CVSS5.8AI score0.00157EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/04/28 11:16 p.m.8 views

DEBIAN-CVE-2026-7363

Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6.1AI score0.00309EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/28 10:35 p.m.3 views

CVE-2026-7363

Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Critical...

6AI score0.00309EPSS
Exploits0References2
OSV
OSV
added 2024/03/20 5:15 p.m.7 views

DEBIAN-CVE-2024-2627

Use after free in Canvas in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS8.2AI score0.00788EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/02/01 12:16 a.m.9 views

SUSE CVE-2024-1060

Use after free in Canvas in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS9.2AI score0.00881EPSS
Exploits0References4
OSV
OSV
added 2024/01/30 10:15 p.m.4 views

DEBIAN-CVE-2024-1060

Use after free in Canvas in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS8.2AI score0.00881EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/30 12:0 a.m.3 views

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in the Google Chrome Canvas module, which can be exploited by an attacker to execute arbitrary code on a system...

8.8CVSS7.6AI score0.00881EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:7 a.m.5 views

SUSE CVE-2016-1689

Heap-based buffer overflow in content/renderer/media/canvascapturehandler.cc in Google Chrome before 51.0.2704.63 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted web site...

6.5CVSS9.6AI score0.01025EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 4:17 a.m.4 views

SUSE CVE-2019-5766

Incorrect handling of origin taint checking in Canvas in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

6.5CVSS6.7AI score0.01632EPSS
Exploits0References7
OSV
OSV
added 2019/02/19 5:29 p.m.1 views

UBUNTU-CVE-2019-5766

Incorrect handling of origin taint checking in Canvas in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

6.5CVSS7AI score0.01632EPSS
Exploits0References2
CNVD
CNVD
added 2019/01/31 12:0 a.m.3 views

Google Chrome Insufficient Policy Enforcement Vulnerability

Chrome is a web browsing tool developed by Google. A policy enforcement insufficiency vulnerability exists in Canvas in versions of Google Chrome prior to 72.0.3626.81. An attacker can exploit this vulnerability to leak cross-origin data via a crafted HTML page...

6.5CVSS8.5AI score0.01632EPSS
Exploits0References1
OSV
OSV
added 2018/12/11 4:29 p.m.1 views

UBUNTU-CVE-2018-18338

Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.3AI score0.01424EPSS
Exploits0References2
Rows per page
Query Builder