58 matches found
SUSE CVE-2026-8008
Inappropriate implementation in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Low...
Linux Distros Unpatched Vulnerability : CVE-2026-7913
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in DevTools in Google Chrome on Android prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a...
Linux Distros Unpatched Vulnerability : CVE-2026-7915
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in DevTools in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker to bypass navigation restrictions via a...
EUVD-2026-28119
Inappropriate implementation in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Low...
KLA91026 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution...
PT-2026-38158
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient validation of untrusted input in DevTools allows a remote attacker who has compromised the renderer process to leak cross-origin data through a crafted HTML page...
Astra Linux - уязвимость в chromium
Before version 92.0.4515.107, using “after free” in DevTools in Google Chrome allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page...
com.digitalsanctuary:ds-spring-user-framework (>=3.0.0 <=3.1.0), com.the-qa-company:qendpoint-backend (>=2.3.0 <=2.5.1) +14 more potentially affected by CVE-2026-40972 via org.springframework.boot:spring-boot-devtools (>=3.4.0 <=3.4.13)
org.springframework.boot:spring-boot-devtools MAVEN version =3.4.0, =3.0.0, =2.3.0, =2.3.0, =3.1.9, =3.2.0 - de.muenchen.oss.ad2image:ad2image-app =1.1.0 - org.bremersee:common-exception-spring-boot-autoconfigure =5.0.0 - org.bremersee:common-exception-spring-boot-web-starter =5.0.0 -...
Timing Attack
Overview Affected versions of this package are vulnerable to Timing Attack in DevTool due to comparing the user-provided "remote secret" against the actual secret using standard string comparison logic like String.equals or ==. Standard string comparisons are not constant-time. They evaluate...
Chromium: CVE-2026-5901 Policy bypass in DevTools
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
KLA90964 DoS vulnerabilities in Opera
Denial of service vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. Out of bounds memory read vulnerability in Media can be exploited to cause denial of service. 2. Out of bounds memor...
KLA90909 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Integer overflow vulnerability in ANGLE can be exploited to cause execute arbitrary code...
KLA90908 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Integer overflow vulnerability in ANGLE can be exploited to cause execute arbitrary code and...
KLA90907 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. Out of bounds memory read and write vulnerability in Tint can be exploited to cause denial of service. 2. Out of...
CVE-2026-3063
Inappropriate implementation in DevTools in Google Chrome prior to 145.0.7632.116 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via DevTools. Chromium security severity: High...
CVE-2026-3063
Inappropriate implementation in DevTools in Google Chrome prior to 145.0.7632.116 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via DevTools. Chromium security severity: High...
Google Chrome < 145.0.7632.116 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 145.0.7632.116. It is, therefore, affected by multiple vulnerabilities as referenced in the 202602stable-channel-update-for-desktop23 advisory. - Inappropriate implementation in DevTools in Google Chrome prior to...
KLA90899 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. Out of bounds memory read vulnerability in Media can be exploited to cause denial of service. 2. Out of bounds memory...
ROS-20260122-73-0013
A vulnerability in the DevTools component of the Google Chrome browser is related to an unexpected sign extension. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...