892 matches found
CVE-2026-6304
Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-6304
CVE-2026-6304 covers a use-after-free in Graphite within Google Chrome prior to version 147.0.7727.101 . The issue allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape via a crafted HTML page . The vulnerability affects Chrome’s Graphit...
CVE-2026-6304
Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-6304
Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-6304
Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-6304
Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
Stable Channel Update for Desktop
The Stable channel has been updated to 147.0.7727.101/102 for Windows/Mac and 147.0.7727.101 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept...
Linux Distros Unpatched Vulnerability : CVE-2026-6304
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.101 contained a security vulnerability. This vulnerability stemmed from the Graphite component allowing for post-release reuse, which could enable remote attackers who have infiltrated the...
KLA90990 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Denial of service vulnerability in ANGLE can be exploited...
PT-2026-33142
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.101 Description A use after free issue in Graphite allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Use after free...
SUSE CVE-2026-0528
Improper Validation of Array Index CWE-129 exists in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation CAPEC-153 via specially crafted, malformed payloads sent to the Graphite server metricset or Zookeeper server metricset. Additionally, Improper Input...
Security update for grafana
This update for grafana fixes the following issues: Security issues fixed: CVE-2026-21722: Public dashboards annotations: use dashboard timerange if time selection disabled bsc1258136 CVE-2026-21721: Fixed access control by the dashboard permissions API bsc1257337 CVE-2026-21720: Fixed...
SUSE-SU-2026:20762-1 Security update for harfbuzz
This update for harfbuzz fixes the following issues: Update to version 11.4.5: Security fixes: - CVE-2026-22693: Fixed a NULL pointer dereference in SubtableUnicodesCache::create bsc1256459. Other fixes: - Bug fixes for “AAT” shaping, and other shaping micro optimizations. - Fix a shaping...
MiracleLinux 7 : firefox-38.6.1-1.0.1.el7.AXS7 (AXSA:2016-101:02)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-101:02 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...
MiracleLinux 4 : firefox-38.6.1-1.0.1.AXS4 (AXSA:2016-107:02)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-107:02 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...
MiracleLinux 7 : graphite2-1.3.6-1.el7 (AXSA:2016-200:01)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-200:01 advisory. Graphite2 is a project within SILs Non-Roman Script Initiative and Language Software Development groups to provide rendering capabilities for complex...
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the Graphite or Zookeeper server metricsets and the Prometheus helper module. An attacker can cause a service disruption by sending specially crafted, malformed payloads or metric data. Remediation...
GHSA-W2GR-585J-R428 Metricbeat affected by multiple denial of service vulnerabilities
Improper Validation of Array Index CWE-129 exists in Metricbeat can allow an attacker to cause a Denial of Service through Input Data Manipulation CAPEC-153 via specially crafted, malformed payloads sent to the Graphite server metricset or Zookeeper server metricset. Additionally, Improper Input...
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the Graphite or Zookeeper server metricsets and the Prometheus helper module. An attacker can cause a service disruption by sending specially crafted, malformed payloads or metric data. Remediation...