25 matches found
Astra Linux – Vulnerability in Chromium
In Google Chrome on Linux and ChromeOS before version 92.0.4515.107, an attacker who convinced a user to install a malicious extension could perform an out-of-bounds memory write by using a crafted HTML page. This vulnerability allowed the attacker to execute such an operation...
SUSE CVE-2026-12019
Heap buffer overflow in Codecs in Google Chrome on Linux and ChromeOS prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2026-12019
Heap buffer overflow in Codecs in Google Chrome on Linux and ChromeOS prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-12019
The CVE-2026-12019 entry concerns a Heap buffer overflow in the Codecs component of Google Chrome on Linux/ChromeOS, prior to 149.0.7827.115. The issue could allow a remote attacker, after compromising the renderer process, to potentially perform a sandbox escape via a crafted HTML page. Affected...
CVE-2026-12019
Heap buffer overflow in Codecs in Google Chrome on Linux and ChromeOS prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-11668
Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. Chromium security severity: High...
CVE-2026-11676
Insufficient validation of untrusted input in Dawn in Google Chrome on Linux and ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-11676
Insufficient validation of untrusted input in Dawn in Google Chrome on Linux and ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-11676
CVE-2026-11676 affects Google Chrome on Linux/ChromeOS (Dawn component) and is due to insufficient validation of untrusted input, allowing a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. The issue is observed prior to Chr...
CVE-2026-11668
CVE-2026-11668 concerns Google Chrome on Linux and ChromeOS versions before 149.0.7827.103, with an uninitialized use in codecs leading to potential cross-origin data leakage via a crafted video file. The issue is described as high severity; affected: Chrome on Linux/ChromeOS prior to the listed ...
CVE-2026-11668
Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. Chromium security severity: High...
CVE-2026-11028
Use after free in Media in Google Chrome on Linux and ChromeOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11028
Google Chrome on Linux and ChromeOS is affected by CVE-2026-11028 due to a use-after-free in the Media component, allowing a remote attacker who compromises the renderer to run arbitrary code in the sandbox via a crafted HTML page. The issue is instead mitigated in versions newer than 149.0.7827....
SUSE CVE-2026-9117
Type Confusion in GFX in Google Chrome on Linux, ChromeOS prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted video file. Chromium security severity: High...
SUSE CVE-2026-9123
Heap buffer overflow in Chromecast in Google Chrome on Android, Linux, ChromeOS prior to 148.0.7778.179 allowed a local attacker to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: Medium...
CVE-2026-9123
Heap buffer overflow in Chromecast in Google Chrome on Android, Linux, ChromeOS prior to 148.0.7778.179 allowed a local attacker to execute arbitrary code inside a sandbox via malicious network traffic. Chromium security severity: Medium...
SUSE CVE-2026-8535
Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted JPEG file. Chromium security severity: High...
CVE-2026-8535
Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted JPEG file. Chromium security severity: High...
CVE-2026-8535
Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted JPEG file. Chromium security severity: High...
EUVD-2026-28087
Insufficient validation of untrusted input in UI in Google Chrome on Linux, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Medium...