Lucene search
+L

43 matches found

OSV
OSV
added 2026/07/01 11:16 p.m.3 views

DEBIAN-CVE-2026-14409

Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

7.5CVSS6.2AI score0.00265EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/01 12:34 a.m.6 views

EUVD-2026-40469

Use after free in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

5.8AI score0.00314EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 11:17 p.m.5 views

CVE-2026-13873

Out of bounds read in Layout in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00294EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.27 views

CVE-2026-13881

Inappropriate implementation in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

0.00211EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:37 p.m.17 views

CVE-2026-13823

CVE-2026-13823 : Use-after-free in Glic within Google Chrome (prior to 150.0.7871.47) could allow a renderer-compromised remote attacker to escape the sandbox via a crafted HTML page. The issue is in Chrome/Chromium-based rendering; impact reported as High. Affected product/version: Google Chrome...

8.3CVSS5.8AI score0.00278EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/05 12:17 a.m.11 views

CVE-2026-11290

Integer overflow in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to cause a denial of service via a malicious file. Chromium security severity: Low...

5CVSS0.00066EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 11:17 p.m.7 views

DEBIAN-CVE-2026-11155

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.5AI score0.00152EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/04 11:6 p.m.7 views

CVE-2026-11258

Inappropriate implementation in File System Access in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.5AI score0.00201EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/06/04 11:5 p.m.11 views

CVE-2026-11246

Insufficient validation of untrusted input in IndexedDB in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.3CVSS5.5AI score0.00202EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/04 11:5 p.m.10 views

CVE-2026-11182

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00247EPSS
Exploits0
CVE
CVE
added 2026/06/04 11:5 p.m.30 views

CVE-2026-11150

Summary: CVE-2026-11150 is an UXSS (arbitrary script/HTML) in Chrome due to an inappropriate XML implementation. Affected product: Google Chrome (Chromium base); vulnerable component: XML handling in the browser; root cause: improper XML processing leads to script/HTML injection via a crafted HTM...

6.1CVSS6AI score0.00159EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.37 views

CVE-2026-11118

Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

0.00387EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:3 p.m.36 views

CVE-2026-10947

Affected software: Google Chrome (WebRTC component). Vulnerability: use-after-free in WebRTC leading to remote arbitrary code execution within the sandbox via a crafted HTML page. Scope: Chrome prior to version 149.0.7827.53 is impacted; patch level implied by the fixed version in the description...

8.8CVSS6.2AI score0.00493EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/28 10:25 p.m.40 views

CVE-2026-9900

Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00214EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/12 5:11 p.m.5 views

CVE-2026-42177

linux-entra-sso is a browser plugin for Linux to SSO on Microsoft Entra ID. Prior to 1.8.1, platform/chrome/js/platform-chrome.js:69-88 registers a single declarativeNetRequest rule whose urlFilter is Platform.SSOURL + "/", i.e. "https://login.microsoftonline.com/". Chrome's urlFilter without a |...

5.3CVSS5.8AI score0.00234EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/06 6:12 p.m.16 views

CVE-2026-7919

CVE-2026-7919 affects Google Chrome/Aura. Use-after-free in Aura prior to 148.0.7778.96 could allow a renderer‑process‑compromised attacker to escape the sandbox via a crafted HTML page. The Chrome 148 stable release (148.0.7778.96 and later) includes fixes for this issue. Mitigation is to update...

8.3CVSS5.8AI score0.00206EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/06 6:12 p.m.42 views

CVE-2026-7899

Out of bounds read and write in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

0.00296EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/30 2:29 a.m.6 views

SUSE CVE-2026-7345

Insufficient validation of untrusted input in Feedback in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.4AI score0.00243EPSS
Exploits0References3
NVD
NVD
added 2026/04/08 10:16 p.m.6 views

CVE-2026-5866

Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00303EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/01 4:41 a.m.6 views

CVE-2026-5272

Heap buffer overflow in GPU in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.4AI score0.0045EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder