Lucene search
K

1082 matches found

Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.14 views

PT-2026-47520

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description A use after free issue exists in the ServiceWorker component. This allows a remote attacker who has already compromised the renderer process to execute arbitrary code within a sandbox ...

9.6CVSS6.7AI score0.01654EPSS
Exploits4References86
SUSE CVE
SUSE CVE
added 2026/06/07 4:51 a.m.13 views

SUSE CVE-2026-10889

Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:50 a.m.11 views

SUSE CVE-2026-10916

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

6.1CVSS5.6AI score0.00213EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:50 a.m.11 views

SUSE CVE-2026-10925

Out of bounds write in Skia in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:49 a.m.10 views

SUSE CVE-2026-10967

Use after free in SurfaceCapture in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00267EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:47 a.m.10 views

SUSE CVE-2026-11023

Inappropriate implementation in WebAppInstalls in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00225EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:47 a.m.11 views

SUSE CVE-2026-11040

Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS5.5AI score0.00222EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:47 a.m.11 views

SUSE CVE-2026-11043

Out of bounds write in ANGLE in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.5AI score0.00301EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:47 a.m.13 views

SUSE CVE-2026-11046

Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6AI score0.00361EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:45 a.m.9 views

SUSE CVE-2026-11082

Race in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.5AI score0.00234EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:45 a.m.9 views

SUSE CVE-2026-11095

Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.5AI score0.00276EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:43 a.m.10 views

SUSE CVE-2026-11151

Insufficient validation of untrusted input in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

7.5CVSS5.5AI score0.00221EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:43 a.m.8 views

SUSE CVE-2026-11167

Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.5AI score0.00234EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:41 a.m.12 views

SUSE CVE-2026-11234

Inappropriate implementation in FoldableAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.4AI score0.00177EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/06 12:44 a.m.12 views

CVE-2026-10915

An use after free flaw was found in the Core component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497612174...

8.8CVSS5.4AI score0.00275EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:23 p.m.9 views

CVE-2026-43940

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.7.16, the runWidget function in src/app/widgets/load-widget.js constructs a file path by directly concatenating user‑supplied widget identifiers without any sanitisation. Because runWidget...

8.4CVSS6.1AI score0.00167EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/05 12:31 a.m.11 views

EUVD-2026-34712

Insufficient policy enforcement in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00186EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/05 12:31 a.m.14 views

EUVD-2026-34635

Inappropriate implementation in Site Isolation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00207EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/05 12:31 a.m.11 views

EUVD-2026-34615

Use after free in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00207EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/05 12:31 a.m.11 views

EUVD-2026-34628

Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00234EPSS
Exploits0References3
Rows per page
Query Builder