CVE-2026-8527

CVE-2026-8527 : In Google Chrome, insufficient validation of untrusted input in Downloads allows a remote attacker to execute arbitrary code via a crafted HTML page. Affected: Chrome (Chromium-based) prior to 148.0.7778.168. Root cause: input validation in the Downloads path. Impact: high severit...

CVE-2026-8527

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в chromium

Insufficient data validation in Downloads in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

Astra Linux - уязвимость в chromium

Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-5887

Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to bypass download restrictions via a crafted HTML page. Chromium security severity: Medium...

Fedora 42 : chromium (2026-3736e2ff1a)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3736e2ff1a advisory. Update to 144.0.7559.59 CVE-2026-0899: Out of bounds memory access in V8 CVE-2026-0900: Inappropriate implementation in V8 CVE-2026-0901:...

Google Chrome < 144.0.7559.59 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 144.0.7559.59. It is, therefore, affected by multiple vulnerabilities as referenced in the 202601stable-channel-update-for-desktop13 advisory. - Use after free in ANGLE in Google Chrome prior to 144.0.7559.59 allowed a...

DEBIAN-CVE-2024-9963

Insufficient data validation in Downloads in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

PT-2024-7565 · Google +4 · Google Chrome +4

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 130.0.6723.58 Microsoft Edge affected versions not specified Description: The issue is related to insufficient data validation in the Downloads component of Google Chrome and Microsoft Edge browsers. This can b...

SUSE CVE-2018-6033

Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted Chrome Extension...

DEBIAN-CVE-2019-5875

Insufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

CVE-2018-6033

Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted Chrome Extension...