1169 matches found
CVE-2026-10940
CVE-2026-10940 describes a race in the Codecs component of Google Chrome on Windows, prior to version 149.0.7827.53. A remote attacker who compromises the renderer could potentially escape the sandbox via a crafted HTML page. Affected product: Chrome/Chromium codecs subsystem; Root cause: race co...
CVE-2026-10940
Race in Codecs in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-10940
Race in Codecs in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-10940
Race in Codecs in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
firefox: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component...
firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: Web Codecs component...
ALSA-2026:22643 Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefox: Sandbox escape in the Profile Backup component...
PT-2026-46607
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Codecs allows a remote attacker to perform an out of bounds memory write by using a crafted video file. An out of bounds memory write occur...
PT-2026-46622
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in Codecs. This allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML...
PT-2026-46510
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Codecs allows a remote attacker who has compromised the renderer process to leak cross-origin data using a crafted video file...
PT-2026-46495
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Codecs allows a remote attacker to potentially perform a sandbox escape by using a crafted video file. A sandbox escape is a technique used to break o...
PT-2026-46469
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A race condition in Codecs allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escape. This is achieved through the use of a...
PT-2026-46489
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An uninitialized use in Codecs allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML page. A sandbox escape i...
PT-2026-46734
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Codecs allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Use after free is a memory...
PT-2026-46623
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Codecs allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. A...
PT-2026-46725
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Codecs allows a remote attacker to potentially perform a sandbox escape by using a crafted video file. A sandbox escape is a technique used...
PT-2026-46566
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds write occurs in Codecs, which could allow a remote attacker to potentially perform a sandbox escape by using a crafted video file. A sandbox escape is a technique used ...
firefox: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service due to invalid pointer in the Audio/Video: Web Codecs component...
firefox: thunderbird: Incorrect boundary conditions in the Audio/Video: Web Codecs component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Audio/Video: Web Codecs component...
RLSA-2026:21378 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefo...