1600 matches found
CVE-2026-14117
Insufficient validation of untrusted input in DevTools in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security...
CVE-2026-14069
Integer overflow in WebNN in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...
CVE-2026-13949
Insufficient policy enforcement in Payments in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13947
Uninitialized Use in XR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13936
Inappropriate implementation in Passwords in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13936
Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-13936 for new information, and potential remediation guidance.
CVE-2026-13890
CVE-2026-13890 describes an out-of-bounds read in Chromecast within Google Chrome before version 150.0.7871.47. An attacker who already compromised the renderer process could exploit a crafted HTML page to read potentially sensitive information from process memory. The impact is data leakage of m...
PT-2026-54105
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Enterprise component allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page...
PT-2026-54310
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the Bluetooth component allows a remote attacker to obtain potentially sensitive information from process memory. This is achieved by inducing the use...
PT-2026-54336
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in Dawn allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Recommendations Update...
PT-2026-54337
Name of the Vulnerable Software and Affected Versions Google Chrome on ChromeOS versions prior to 150.0.7871.47 Description An inappropriate implementation in Views allows an attacker to obtain potentially sensitive information from process memory. This occurs if a user is convinced to install a...
PT-2026-54286
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An uninitialized use in codecs allows a remote attacker to obtain potentially sensitive information from process memory by inducing the user to visit a crafted HTML page. Recommendation...
PT-2026-54225
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the Payments component allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML pag...
PT-2026-54344
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An integer overflow in the WebNN component allows a remote attacker to obtain potentially sensitive information from process memory by inducing the user to visit a crafted HTML page...
PT-2026-54200
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description An uninitialized use in the GPU component allows a remote attacker to obtain potentially sensitive information from process memory. This is achieved by inducing the victim to...
PT-2026-54219
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description An uninitialized use in CSS allows a remote attacker to obtain potentially sensitive information from process memory by inducing the user to visit a crafted HTML page...
Astra Linux – Vulnerability in libsoup3, libsoup2.4
A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may improperly validate requested byte ranges. In certain build configurations, this could allow a remote attacker to access portions of server...
Astra Linux – Vulnerability in Chromium
The use of uninitialized variables in WebCodecs in Google Chrome prior to version 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory through a crafted HTML page. Chromium security severity: Medium...
CVE-2026-12891
A flaw was found in the GStreamer gst-plugins-bad package. When processing a malformed H.266/VVC video stream with a crafted aspect ratio indicator value, the H.266 parser performs an out-of-bounds read of up to 8 bytes from adjacent memory. This flaw allows an attacker to craft a malicious H.266...
CVE-2026-8636
CVE-2026-8636 affects IBM Datacap (versions 9.1.7–9.1.9) and Datacap Navigator (9.1.7–9.1.9). The vulnerability allows an attacker to retrieve user passwords and cryptographic keys from memory, enabling use of those keys to decrypt passwords, gain access to the application, and access sensitive d...