225 matches found
EUVD-2026-40765
Insufficient validation of untrusted input in WebRTC in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14078
Insufficient validation of untrusted input in WebRTC in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
CVE-2026-56208
A heap buffer overflow vulnerability was found in libaom, the reference AV1 codec implementation. A flaw in the AV1 encoder's Look-Ahead Processing LAP mode causes the first-pass stats ring buffer wrap-around guard to be bypassed when glaginframes is set to 1 or higher. This results in a 232-byte...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in WebRTC in Google Chrome prior to version 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Firefox and Thunderbird
Use-after-free in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
CVE-2026-12447
Heap buffer overflow in WebRTC in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
firefox: thunderbird: webrtc: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component...
CVE-2026-11667
Out of bounds read in WebRTC in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the GPU process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
firefox: thunderbird: Other issue in the WebRTC component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the WebRTC component...
Important: Red Hat Security Advisory: firefox security update
An update for firefox is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
OPENSUSE-SU-2026:20916-1 Security update for chromium
This update for chromium fixes the following issues: Changes in chromium: - Chromium 149 149.0.7827.53 stable boo1267706: CVE-2026-10881: Out of bounds read and write in ANGLE CVE-2026-10882: Use after free in Network CVE-2026-10883: Out of bounds write in ANGLE CVE-2026-10884: Use after free in...
SUSE CVE-2026-10939
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2026-10947
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2026-10948
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2026-11118
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11003
An use after free flaw was found in the WebRTC component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=494823867...
SUSE CVE-2026-11200
Inappropriate implementation in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-11074
Use after free in WebRTC in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Medium...
Chromium: CVE-2026-10975 Use after free in WebRTC
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
EUVD-2026-34660
Inappropriate implementation in WebRTC in Google Chrome prior to 149.0.7827.53 allowed an attacker in a privileged network position to leak cross-origin data via malicious network traffic. Chromium security severity: Medium...