Lucene search
K

230 matches found

Cvelist
Cvelist
added 2026/06/30 10:38 p.m.22 views

CVE-2026-13895

Inappropriate implementation in Autofill in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

0.00212EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:38 p.m.13 views

CVE-2026-13892

CVE-2026-13892 concerns Chrome for iOS before version 150.0.7871.47, where an inappropriate implementation allowed a remote attacker who lured a user into specific UI gestures to leak cross-origin data via a crafted HTML page. The issue affects Chrome on iOS (Chromium-based) and has a Medium seve...

6.5CVSS5.8AI score0.00282EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:37 p.m.15 views

CVE-2026-13812

CVE-2026-13812 affects Chrome for iOS (Google Chrome on iOS) prior to version 150.0.7871.47. The issue is insufficient validation of untrusted input in a crafted HTML page, enabling UXSS if a user is induced to perform specific UI gestures. The vulnerability results in potential script/HTML injec...

4.7CVSS6AI score0.00184EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.4 views

CVE-2026-13812

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

4.7CVSS6AI score0.00184EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.6 views

CVE-2026-13794

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.2AI score0.00448EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:37 p.m.19 views

CVE-2026-13784

Summary : CVE-2026-13784 is a Use-After-Free in Chrome/Chromium’s Views component, exploitable via crafted HTML and requiring user interaction through specific UI gestures. This can lead to heap corruption and is rated Critical. What is affected : Google Chrome/Chromium prior to 150.0.7871.47 (Vi...

9.6CVSS5.8AI score0.00314EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.4 views

CVE-2026-13784

Use after free in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.00314EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-54237

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in DevTools on Windows allows a remote attacker to obtain potentially sensitive information from process memory. This occurs when a user is...

9.6CVSS6AI score0.00413EPSS
Exploits0References438
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54190

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the Autofill feature allows a remote attacker to leak cross-origin data. This occurs when a user is convinced to perform specific UI gestures o...

9.6CVSS6AI score0.00413EPSS
Exploits0References437
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-54387

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Enterprise component allows a remote attacker to obtain potentially sensitive information from process memory. This occurs when a user is convince...

9.6CVSS6AI score0.00413EPSS
Exploits0References438
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-54084

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description A use after free issue exists in the Import component. This occurs when a remote attacker convinces a user to perform specific UI gestures, potentially leading to arbitrary code...

9.6CVSS6.6AI score0.00413EPSS
Exploits0References439
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.8 views

PT-2026-54132

Name of the Vulnerable Software and Affected Versions Google Chrome on Linux versions prior to 150.0.7871.47 Description A use after free issue exists in Ozone, which is a platform-agnostic abstraction layer for windowing and input. This flaw allows a remote attacker to execute arbitrary code via...

9.6CVSS6.4AI score0.00413EPSS
Exploits0References438
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-54169

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description An inappropriate implementation in Chrome for iOS allows a remote attacker to leak cross-origin data. This occurs when a user is convinced to perform specific UI gestures while...

9.6CVSS6AI score0.00413EPSS
Exploits0References438
EUVD
EUVD
added 2026/06/17 6:35 p.m.10 views

EUVD-2026-37540

Use after free in Tab Strip in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.5AI score0.00227EPSS
Exploits0References3
OSV
OSV
added 2026/06/17 1:20 p.m.4 views

DEBIAN-CVE-2026-12458

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.3AI score0.0019EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 12:16 a.m.8 views

CVE-2026-11632

Use after free in TabStrip in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS0.00264EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/08 11:27 p.m.11 views

CVE-2026-11641

Use after free in Bluetooth in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS6AI score0.00275EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/07 4:45 a.m.10 views

SUSE CVE-2026-11100

Use after free in File Input in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.5AI score0.00255EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/05 12:31 a.m.11 views

EUVD-2026-34734

Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

6AI score0.00159EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/05 12:31 a.m.24 views

EUVD-2026-34719

Inappropriate implementation in File System Access in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00201EPSS
Exploits0References3
Rows per page
Query Builder