DEBIAN-CVE-2026-12026

Out of bounds read in Video in Google Chrome on ChromeOS prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

EUVD-2026-33127

Insufficient validation of untrusted input in Media in Google Chrome on ChromeOS prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

CVE-2026-9123

Heap buffer overflow in Chromecast in Google Chrome on Android, Linux, ChromeOS prior to 148.0.7778.179 allowed a local attacker to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: Medium...

Astra Linux - уязвимость в chromium

In Google Chrome on the Chrome OS, the use of “after free” in Tablet Mode before version 102.0.5005.61 allowed a remote attacker who convinced a user to engage in certain user interactions to potentially exploit heap corruption through those interactions...

Astra Linux - уязвимость в chromium

Before version 104.0.5112.79, using "use after free" in the Input component in Google Chrome on the Chrome OS allowed a remote attacker who convinced a user to perform certain user interactions to potentially exploit heap corruption through those interactions...

CVE-2026-0248 Prisma Access Agent: Improper Certificate Validation Vulnerability

An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can...

PT-2026-40772

An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can...

CVE-2026-7363

CVE-2026-7363 describes a use-after-free in Canvas in Google Chrome on Linux and ChromeOS prior to 147.0.7727.138, allowing a remote attacker to execute arbitrary code inside the sandbox. The issue affects Google Chrome: Linux/ChromeOS prior to the fixed build, with a high-severity (Critical) imp...

CVE-2025-10201

Inappropriate implementation in Mojo in Google Chrome on Android, Linux, ChromeOS prior to 140.0.7339.127 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: High...

Google Chrome OS 安全漏洞

Google Chrome OS is a lightweight, open source, web-based operating system from Google. Google Chrome OS suffers from an out-of-bounds read vulnerability that stems from a lack of proper validation of user-supplied data in ipsetbitmapip.c, which can be exploited by an attacker to cause memory...

Google Chrome OS 安全漏洞

Google Chrome OS is a lightweight, open source, web-based operating system from Google. Google Chrome OS suffers from an Access Control Error vulnerability that stems from insufficient configuration access control in the Gerrit project, which can be exploited by an attacker to cause remote code...

Google Chrome OS 安全漏洞

Google Chrome OS is a lightweight, open source, web-based operating system from Google. Google Chrome OS suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to bypass operating system authentication...

Advisory ROSA-SA-2025-2582

software: libtiff 4.1.0 OS: ROSA-CHROME packageevrstring: libtiff-4.1.0-8 CVE-ID: CVE-2024-7006 BDU-ID: 2024-06610 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the LibTIFF library involves null pointer dereferencing via tifdirinfo.c. Exploitation of the vulnerability could allow an attacker...

PT-2024-1863 · Google · Google Chrome

Name of the Vulnerable Software and Affected Versions: The Master Slider – Responsive Touch Slider plugin for WordPress versions up to, and including, 3.9.5 Google ChromeOS affected versions not specified Description: The issue is related to insufficient access control in Google ChromeOS and a...

The vulnerability of the PowerVR graphics driver in the ChromeOS operating system allows a hacker to execute arbitrary code and gain elevated privileges.

The vulnerability of the PowerVR graphics processor driver in the ChromeOS operating system is related to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary code and increase their privileges...

The vulnerability of the RGXBackingZSBuffer() function in the PowerVR GPU driver for Android and ChromeOS allows a hacker to execute arbitrary code and gain elevated privileges.

The vulnerability of the RGXBackingZSBuffer function in the PowerVR GPU graphics driver for Android and ChromeOS systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code and gain elevated privileges...

The vulnerability of the FileHandler component in the Google Chrome browser for the ChromeOS operating system allows a hacker to compromise the confidentiality and integrity of information.

The vulnerability of the FileHandler component in Google Chrome’s browser for the ChromeOS operating system is related to an improper definition of links before accessing the file. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality and integrity of...

CVE-2023-3497

Out of bounds read in Google Security Processor firmware in Google Chrome on Chrome OS prior to 114.0.5735.90 allowed a local attacker to perform denial of service via physical access to the device. Chromium security severity: Medium...

SUSE CVE-2023-2461

Use after free in OS Inputs in Google Chrome on ChromeOS prior to 113.0.5672.63 allowed a remote attacker who convinced a user to enage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. Chromium security severity: Medium...

SUSE CVE-2017-5084

Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint...