Lucene search
K

14 matches found

CVE
CVE
added 2026/06/08 11:27 p.m.42 views

CVE-2026-11634

CVE-2026-11634 describes a use-after-free in Chrome’s Gamepad handling on Windows, exploitable via a crafted HTML page to potentially escape the Chromium sandbox. Affected: Google Chrome on Windows, prior to version 149.0.7827.103. Impact: remote attacker could achieve sandbox escape with a high ...

9.6CVSS5.5AI score0.00252EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/04 11:17 p.m.9 views

CVE-2026-10971

Insufficient validation of untrusted input in Printing in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS0.00324EPSS
Exploits0References2
NVD
NVD
added 2026/06/04 11:16 p.m.7 views

CVE-2026-10940

Race in Codecs in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS0.00228EPSS
Exploits0References2
NVD
NVD
added 2026/05/28 11:16 p.m.13 views

CVE-2026-9890

Use after free in XR in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS0.00214EPSS
Exploits0References2
NVD
NVD
added 2025/08/22 9:15 p.m.6 views

CVE-2025-4609

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...

9.6CVSS0.00375EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/08/22 9:5 p.m.8 views

CVE-2025-4609

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...

0.00375EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2025/06/16 11:28 a.m.4 views

Astra Linux – Vulnerability in Chromium

The incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...

9.6CVSS7.2AI score0.00375EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/03/28 12:0 a.m.19 views

Mozilla Firefox < 136.0.4

The version of Firefox installed on the remote Windows host is prior to 136.0.4. It is, therefore, affected by a vulnerability as referenced in the mfsa2025-19 advisory. - Following the recent Chrome sandbox escape CVE-2025-2783, various Firefox developers identified a similar pattern in our IPC...

10CVSS8.3AI score0.08404EPSS
Exploits6References2
OSV
OSV
added 2025/03/04 2:15 p.m.6 views

CVE-2025-1930

On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. This vulnerability affects Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird 128.8...

8.8CVSS7.4AI score0.00373EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/03/04 1:31 p.m.23 views

CVE-2025-1930 AudioIPC StreamData could trigger a use-after-free in the Browser process

On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird...

0.00373EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/03/04 1:31 p.m.9 views

CVE-2025-1930

On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. This vulnerability was fixed in Firefox 136, Firefox ESR 115.21, Firefox ESR 128.8, Thunderbird 136, and Thunderbird...

8.8CVSS8.5AI score0.00373EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.13 views

Mozilla Firefox < 136.0

The version of Firefox installed on the remote Windows host is prior to 136.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-14 advisory. - Malicious pages could use Firefox for Android to pass FIDO: links to the OS and trigger the hybrid passkey transport. ...

9.8CVSS7AI score0.00519EPSS
Exploits1References16
GithubExploit
GithubExploit
added 2020/08/27 7:32 p.m.1691 views

Exploit for Type Confusion in Mozilla Firefox

CVE-2019-17026 - A Firefox JIT bug - Original bug caught in t...

8.8CVSS0.8AI score0.86863EPSS
Exploits21
OpenVAS
OpenVAS
added 2018/09/18 12:0 a.m.60 views

Microsoft Windows Multiple Vulnerabilities (KB4457142)

This host is missing a critical security update according to Microsoft KB4457142 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS6.9AI score0.69019EPSS
Exploits16References3
Rows per page
Query Builder