104163 matches found
The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.
The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
CVE-2026-15126
The CVE describes a use-after-free in Chrome’s Forms component, exploitable via a crafted HTML page to execute arbitrary code in the sandbox. Affected product: Google Chrome, version prior to 150.0.7871.115. Root cause: memory handling flaw in the Forms path leading to use-after-free. Impact: rem...
CVE-2026-15121
CVE-2026-15121 is a use-after-free in Chrome’s WebRTC affecting prior to version 150.0.7871.115. An attacker could trigger the vulnerability via a crafted HTML page to execute arbitrary code inside the browser sandbox. Root cause is a WebRTC use-after-free condition, with impact limited to remote...
CVE-2026-15120
CVE-2026-15120 : Use-after-free in Chrome on Windows (Core) prior to 150.0.7871.115 allows a compromised renderer to potentially escape sandbox via a crafted HTML page. Affected: Google Chrome (Windows); Root cause: use-after-free in Core. Impact: sandbox escape potential as described; Exploitati...
CVE-2026-15118
CVE-2026-15118 is a use-after-free in an input handling path of Google Chrome, attributed to Chromium. The vulnerability allows a remote attacker to execute arbitrary code within Chrome’s sandbox via a crafted HTML page, affecting versions prior to 150.0.7871.115. Connected sources confirm the is...
CVE-2026-15117
CVE-2026-15117 affects Google Chrome on the Payments surface, where a Use-After-Free in the payments code path can be triggered by a crafted HTML page when a user performs certain UI gestures. This may lead to heap corruption and remote code execution or instability per the description (Chromium ...
CVE-2026-15116
CVE-2026-15116: Use-after-free in Actor in Google Chrome prior to 150.0.7871.115 allows a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. Affected: Google Chrome (Chromium-based); vulnerable component/function: Actor. Root cause stated as use-after-free. Impa...
CVE-2026-15111
Google Chrome (Chromium-based) before 150.0.7871.115 is affected by CVE-2026-15111 due to a use-after-free in Views. The issue could allow a remote attacker to trigger heap corruption by convincing a user to perform specific UI gestures on a crafted HTML page. The description does not specify exp...
CVE-2026-15113
CVE-2026-15113 concerns a use-after-free in Chrome’s Autofill on Android, affecting versions before 150.0.7871.115. The vulnerability could enable a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Affected product is Google Chrome for Android ; root cause is a use...
CVE-2026-15110
CVE-2026-15110 : Use-after-free in "Extensions" of Google Chrome prior to 150.0.7871.115 allows an attacker to trigger heap corruption when a user installs a malicious extension. Affected software: Google Chrome browser (Extensions framework). Root cause: use-after-free in Extension handling lead...
CVE-2026-15133
CVE-2026-15133 describes a Use-After-Free in Chrome’s InterestGroups component. Affects Google Chrome prior to version 150.0.7871.115. The underlying flaw is a use-after-free vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. The i...
CVE-2026-15129
Affected product: Google Chrome (Chromium-based) via the Views component. The vulnerability is a use-after-free in Views, leading to potential heap corruption when handling a crafted HTML page. Impact is described as remote code execution potential via heap corruption, with a high (Critical) seve...
CVE-2026-15112
The CVE-2026-15112 entry relates to a use-after-free in Chrome's Ozone component, fixed in Chrome 150.0.7871.115 and later. The vulnerability could allow a remote attacker to trigger heap corruption via a crafted HTML page. Affected product: Google Chrome (Ozone subsystem). Root cause: use-after-...
xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()
A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...
xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()
A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...
xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter()
A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter. A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for...
xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free information disclosure in CreateSaverWindow()
A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow. A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure...
xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free information disclosure in CreateSaverWindow()
A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow. A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure...
Important: Red Hat Security Advisory: xorg-x11-server security update
An update for xorg-x11-server is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...
xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in FreeCounter()
A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter. A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for...