CVE-2026-11240

An insufficient validation of untrusted input flaw was found in the Loader component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497030032...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a vulnerability related to input validation, which stems from insufficient trustworthiness in input validation provided by the Loader component...

ROS-20260122-73-0021

A vulnerability in the Loader component of Google Chrome browser is related to incorrect data type conversion. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

PT-2026-21332

Name of the Vulnerable Software and Affected Versions GIMP versions 3.0.8 through 3.0.8-5 Fedora 43 Description A heap-buffer-overflow exists in the PSD loader component of the software, specifically within the fread pascal string function due to a missing null terminator. This issue can be...

Shai-Hulud v2 Spreads From npm to Maven, as Campaign Exposes Thousands of Secrets

The second wave of the Shai-Hulud supply chain attack has spilled over to the Maven ecosystem after compromising more than 830 packages in the npm registry. The Socket Research Team said it identified a Maven Central package named org.mvnpm:posthog-node:4.18.1 that embeds the same two components...

ROS-20251008-03

A vulnerability in the Loader component of Google Chrome browsers is related to bypassing the authentication procedure by using an alternate path or channel. Exploitation of the vulnerability could allow an attacker acting remotely to bypass security restrictions...

EUVD-2017-15334

Malware in sbrugna...

The vulnerability of the Loader component in Google Chrome browsers allows attackers to bypass security restrictions.

The vulnerability of the Loader component in Google Chrome browsers relates to bypassing the authentication process by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to circumvent security restrictions remotely...

Google Chrome Security Bypass Vulnerability (CNVD-2025-15175)

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that stems from insufficient policy enforcement in the Loader component, which can be exploited by an attacker to bypass content security policies...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability that stems from insufficient policy enforcement in the Loader component, which can be exploited by an attacker to bypass content security policies...

Information Exposure

Overview org.webjars.npm:electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Affected versions of this package are vulnerable to Information Exposure via the Loader component. An attacker can leak sensitive cross-origin data by crafting...

PT-2025-13833

Name of the Vulnerable Software and Affected Versions Open Asset Import Library Assimp version 5.4.3 Description A critical issue has been found in the ASE File Handler component of the Open Asset Import Library Assimp. This issue affects the Assimp::ASEImporter::BuildUniqueRepresentation functio...

Google Pixel 安全漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel has a security vulnerability that stems from allowing elevation of privilege in the ABL component...

The vulnerability of the Loader component in Google Chrome and Microsoft Edge browsers allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the Loader component in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause service interruptions or execute arbitrary code...

PT-2023-4502 · Google +2 · Google Chrome +2

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 116.0.5845.110 Description: The issue is related to a use after free in the Loader component, which could allow a remote attacker to exploit heap corruption via a crafted HTML page. This could potentially impac...

Google Chrome Loader data validation error vulnerability

Google Chrome is a web browser from Google, Inc. A data validation error vulnerability exists in the loader component of Google Chrome prior to version 96.0.4664.93. It allows remote attackers to compromise cross-domain data via crafted HTML pages...

The vulnerability of the Google Chrome browser’s loader component, which allows a hacker to execute arbitrary code.

The vulnerability of the Google Chrome browser’s loader component is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code through a specially created web page...

[ASA-202107-2] electron11: multiple issues

Arch Linux Security Advisory ASA-202107-2 ========================================= Severity: Critical Date : 2021-07-01 CVE-ID : CVE-2021-30544 CVE-2021-30548 CVE-2021-30551 Package : electron11 Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-2099 Summary ======= Th...

Remote Code Execution (RCE)

chromium is vulnerable to remote code execution. The vulnerability exists due to a use after free security issue has been found in the Loader component...

NVIDIA ADSP Firmware ADSP Loader Component Buffer Overflow Vulnerability

The NVIDIA ADSP Firmware is a set of firmware used in advanced digital signal processing units from NVIDIA, U.S.A. The ADSP Loader is one of the boot loader components. A buffer overflow vulnerability exists in the ADSP Loader component of the NVIDIA ADSP Firmware. A local attacker could exploit...