92 matches found
EUVD-2026-40597
Insufficient policy enforcement in Spellcheck in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13911
Insufficient policy enforcement in Spellcheck in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13911
CVE-2026-13911 concerns Google Chrome’s Spellcheck: insufficient policy enforcement could allow a renderer-compromised attacker to read potentially sensitive data from process memory via a crafted HTML page. Affected are Chrome builds prior to 150.0.7871.47; exploitation is described as remote, r...
CVE-2026-13911
Insufficient policy enforcement in Spellcheck in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
In version 119.0.6045.199 of Google Chrome’s Spellcheck, type confusion allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
CVE-2025-43518
A logic issue was addressed with improved checks. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2, watchOS 26.2. An app may be able to inappropriately access files through the spellcheck API...
CVE-2025-43518
A logic issue was addressed with improved checks. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2, watchOS 26.2. An app may be able to inappropriately access files through the spellcheck API...
CVE-2025-43518
A logic issue was addressed with improved checks. This issue is fixed in watchOS 26.2, macOS Sonoma 14.8.3, macOS Tahoe 26.2, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3. An app may be able to inappropriately access files through the spellcheck API...
CVE-2025-43518
A logic issue was addressed with improved checks. This issue is fixed in iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3, macOS Sonoma 14.8.3, macOS Tahoe 26.2, watchOS 26.2. An app may be able to inappropriately access files through the spellcheck API...
CVE-2025-43518
CVE-2025-43518 is a logic-issue vulnerability fixed in multiple Apple platforms. The flaw allows an app to potentially inappropriately access files via the spellcheck API. Affected products include watchOS 26.2; macOS Sonoma 14.8.3; macOS Tahoe 26.2; iOS 26.2 and iPadOS 26.2; macOS Sequoia 15.7.3...
EUVD-2025-203128
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to inappropriately access files through the spellcheck API...
CVE-2025-43518
A logic issue was addressed with improved checks. This issue is fixed in watchOS 26.2, macOS Sonoma 14.8.3, macOS Tahoe 26.2, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.3. An app may be able to inappropriately access files through the spellcheck API...
PT-2025-51012
CVE-2025-43518 A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8.3, macOS Sequoia 15.7.3. An app may be able to inappropriately access files… https://t.co/CiUXjJLsoN...
EUVD-2015-1429
Malware in sbrugna...
EUVD-2015-1404
Malware in sbrugna...
Malicious code in figma-api-spellcheck (npm)
The package figma-api-spellcheck was found to contain malicious code...
MAL-2025-20520 Malicious code in figma-api-spellcheck (npm)
The package figma-api-spellcheck was found to contain malicious code...
GHSA-9CQ2-PCGR-8H62 Cross-site Scripting in eZFind spellcheck
This security advisory fixes a vulnerability in the legacy eZ Find extension, which can be used with the LegacyBridge in eZ Platform. It affects sites using the "Did you mean...?" spell check / search suggestion feature. This feature is vulnerable to Cross-site Scripting XSS injection reflected...
GLSA-202402-14 : QtWebEngine: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202402-14 QtWebEngine: Multiple Vulnerabilities - Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium...
openSUSE 15 Security Update : opera (openSUSE-SU-2023:0396-1)
The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0396-1 advisory. - Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to...