469 matches found
PT-2026-54255
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Paint component allows a remote attacker to perform UI spoofing, which is the act of mimicking a legitimate user interface to deceive users, by...
PT-2026-54290
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Paint component allows a remote attacker to perform UI spoofing, which is the act of mimicking a legitimate user interface to deceive users, by...
PT-2026-54248
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Paint component allows a remote attacker to perform UI spoofing, which is the act of mimicking a legitimate user interface to deceive users, by...
PT-2026-54264
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Paint component allows a remote attacker to perform UI spoofing by using a crafted HTML page. UI spoofing is a technique where an attacker mimics ...
Astra Linux – Vulnerability in GIMP
A flaw was discovered in GIMP’s PSP Paint Shop Pro file parser. A remote attacker could exploit an integer overflow vulnerability in the readcreatorblock function by providing a specially crafted PSP image file. This vulnerability occurs when a 32-bit length value from the file is used for memory...
gimp: GIMP: Remote Code Execution via PSP file parsing
A flaw was found in GIMP. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted PSP PaintShop Pro file. This flaw is caused by a heap-based buffer overflow, where the application does not properly validate the length of user-supplied data. Successful...
CVE-2026-11289
A side-channel information leakage flaw was found in the Paint component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502239897...
CVE-2026-11142
A policy bypass flaw was found in the Paint component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=501668745...
CVE-2026-11139
A policy bypass flaw was found in the Paint component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=501650594...
CVE-2026-11133
An insufficient policy enforcement flaw was found in the Paint component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=501606085...
CVE-2026-11132
A policy bypass flaw was found in the Paint component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=501597365...
SUSE CVE-2026-11132
Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-11133
Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-11139
Inappropriate implementation in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-11142
Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-11289
Side-channel information leakage in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
Chromium: CVE-2026-11142 Policy bypass in Paint
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-11139 Policy bypass in Paint
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-11133 Insufficient policy enforcement in Paint
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-11132 Policy bypass in Paint
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...