23 matches found
CVE-2026-12009
Affected software: Google Chrome on macOS. Vulnerability: Insufficient validation of untrusted input in Accessibility could allow a renderer-compromised attacker to escape the sandbox via a crafted HTML page. Root cause: input validation weakness in Accessibility feature. Impact: potential sandbo...
CVE-2026-11157
Script injection in Accessibility in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-11157
Script injection in Accessibility in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-9905
Use after free in Accessibility in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2026-8557
Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: High...
CVE-2026-6311
Uninitialized Use in Accessibility in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
[SECURITY] Fedora 42 Update: qt5-qtspeech-5.15.18-1.fc42
The module enables a Qt application to support accessibility features such as text-to-speech, which is useful for end-users who are visually challenged or cannot access the application for whatever reason. The most common use case where text-to-speech comes in handy is when the end-user is drivin...
EUVD-2009-3718
Malware in sbrugna...
EUVD-2011-1807
Malware in sbrugna...
WordPress Text To Speech TTS Accessibility plugin <= 1.9.30 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Denver Jackson in WordPress Plugin Text To Speech TTS Accessibility versions = 1.9.30...
webkitgtk: User password may be read aloud by a text-to-speech accessibility feature
A flaw was found in webkitgtk where a user’s password may be read aloud by a text-to-speech accessibility feature...
CVE-2024-44171
CVE-2024-44171 affects Apple platforms (iOS 17.7/iPadOS 17.7, iOS 18/iPadOS 18, watchOS 11). Description and Red Hat/NVD entries indicate the issue stems from improved state management that enables an attacker with physical access to a locked device to Control Nearby Devices via accessibility fea...
RLSA-2024:2982 Important: webkit2gtk3 security update
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fixes: webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-40414 webkitgtk: Processing web content may lead to arbitrary code execution CVE-2023-42852 webkitgtk: Processing...
Google Chrome Security Bypass Vulnerability (CNVD-2024-10241)
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome version 121.0.6167.85 and earlier versions due to an improper implementation in an accessibility feature. An attacker can exploit the vulnerability to bypass security...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome version 121.0.6167.85 and earlier versions due to an improper implementation in an accessibility feature. An attacker can exploit the vulnerability to bypass security...
CVE-2023-32417
This issue was addressed by restricting options offered on a locked device. This issue is fixed in watchOS 9.5. An attacker with physical access to a locked Apple Watch may be able to view user photos or contacts via accessibility features...
DEBIAN-CVE-2022-3659
Use after free in Accessibility in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. Chromium security severity: Medium...
Mozilla Thunderbird 资源管理错误漏洞
Mozilla Thunderbird is the United States Mozilla Foundation's set of independent from the Mozilla Application Suite e-mail client software. The software supports the IMAP and POP mail protocols as well as the HTML mail format. Mozilla Thunderbird suffers from a Resource Management Error...
ex-NSA Hacker Discloses macOS High Sierra Zero-Day Vulnerability
Your Mac computer running the Apple's latest High Sierra operating system can be hacked by tweaking just two lines of code, a researcher demonstrated at the Def Con security conference on Sunday. Patrick Wardle, an ex-NSA hacker and now Chief Research Officer of Digita Security, uncovered a...
ex-NSA Hacker Discloses macOS High Sierra Zero-Day Vulnerability
Your Mac computer running the Apple's latest High Sierra operating system can be hacked by tweaking just two lines of code, a researcher demonstrated at the Def Con security conference on Sunday. Patrick Wardle, an ex-NSA hacker and now Chief Research Officer of Digita Security, uncovered a...