SUSE CVE-2026-12022

Race in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...

EUVD-2026-36340

Heap buffer overflow in Codecs in Google Chrome on Linux and ChromeOS prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-22165

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger a write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable further exploits on the...

CVE-2026-11004

Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

PT-2026-46444

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 149.0.7827.53 Description A use after free issue in Core allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML page. Use after...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution in the Password Manager component. It could allow remote attackers who have compromised...

CVE-2026-22166

CVE-2026-22166 pertains to GPU DDK components where a web page sending anomalous WebGPU content into the GPU GLES render process can trigger a write UAF crash in the GPU GLES user-space shared library (KEGLGetPoolBuffers). The exposed root cause is a write-after-free condition in KEGLGetPoolBuffe...

EUVD-2026-26662

A web page that contains unusual WebGPU content loaded into the GPU GLES render process and can trigger a write UAF crash in the GPU GLES user-space shared library. On certain platforms, when the process executing graphics workload has system privileges this could enable further exploits on the...

Use After Free

chromium:sid is vulnerable to Use After Free. passwords in google chrome allows an attacker to remotely compromise the render process to exploit heap corruption using a crafter HTML page...

Use-After-Free

chromium:sid is vulnerable to Use After Free. Passwords in google chrome allows an attacker to remotely compromise the render process to exploit heap corruption using a crafter HTML page causing an application crash...

DEBIAN-CVE-2022-3661

Insufficient data validation in Extensions in Google Chrome prior to 107.0.5304.62 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome extension. Chromium security severity: Low...

CVE-2022-0971

Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

UBUNTU-CVE-2021-30507

Inappropriate implementation in Offline in Google Chrome on Android prior to 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page...

UBUNTU-CVE-2016-7549

Google Chrome before 53.0.2785.113 does not ensure that the recipient of a certain IPC message is a valid RenderFrame or RenderWidget, which allows remote attackers to cause a denial of service invalid pointer dereference and application crash or possibly have unspecified other impact by leveragi...

The vulnerability of Google Chrome’s browser allows a malicious actor to circumvent sandboxing restrictions.

Google Chrome browser contains a vulnerability related to incorrect block merging in the PointerCompare function of codegen.cc within Seccomp-BPF. Exploiting this vulnerability allows malicious actors to bypass sandbox restrictions by accessing the render process...

The vulnerability of Google Chrome’s browser allows a malicious actor to circumvent sandboxing restrictions.

Google Chrome browser contains a vulnerability related to incorrect block merging in the PointerCompare function of codegen.cc within Seccomp-BPF. Exploiting this vulnerability allows malicious actors to bypass sandbox restrictions by accessing the render process...

USN-2920-1 oxide-qt vulnerabilities

It was discovered that the ContainerNode::parserRemoveChild function in Blink mishandled widget updates in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. CVE-2016-1630 It was...

Ubuntu 14.04 LTS : Oxide vulnerabilities (USN-2877-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2877-1 advisory. A bad cast was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a...

USN-2877-1: Oxide vulnerabilities

A bad cast was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. CVE-2016-1612 An issue was...

Ubuntu 14.04 LTS : Oxide vulnerabilities (USN-2770-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2770-1 advisory. It was discovered that ContainerNode::parserInsertBefore in Blink would incorrectly proceed with a DOM tree insertion in some circumstances. If a user we...