CVE-2026-10972

An use after free flaw was found in the Ozone component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513006660...

CVE-2026-11122

Inappropriate implementation in Keyboard in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

PT-2026-42234

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.179 Description A use after free issue in the QUIC protocol allows a remote attacker to execute arbitrary code within a sandbox by sending malicious network traffic. Use after free is a memory...

Apollo Server: Browser bug allows for bypass of XS-Search (read-only Cross-Site Request Forgery) prevention

Impact In a Cross-Site Request Forgery attack, untrusted web content causes browsers to send authenticated requests to web servers which use cookies for authentication. While the web content is prevented from reading the request's response due to the Cross-Origin Request Sharing CORS protocol, an...

SUSE CVE-2026-4674

Out of bounds read in CSS in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

CVE-2026-4680

An use after free flaw was found in the FedCM component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=491869946...

SUSE CVE-2017-5030

Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page...

The vulnerability of the Internet Explorer browser, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the Internet Explorer browser is related to insufficient validation of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

I discovered a browser bug

I accidentally discovered a huge browser bug a few months ago and I'm pretty excited about it. Security engineers always seem like the "cool kids" to me, so I'm hoping that now I can be part of the club, and y'know, get into the special parties or whatever. I've noticed that a lot of these securi...

I discovered a browser bug

I accidentally discovered a huge browser bug a few months ago and I'm pretty excited about it. Security engineers always seem like the "cool kids" to me, so I'm hoping that now I can be part of the club, and y'know, get into the special parties or whatever. I've noticed that a lot of these securi...

Microsoft Internet Explorer 9 IEFRAME CView::EnsureSize Use-After-Free

Since November I have been releasing details on all vulnerabilities I found that I have not released before. This is the 34th entry in the series. This information is available in more detail on my blog at http://blog.skylined.nl/20161216001.html. There you can find a repro that triggered this...

Microsoft Internet Explorer 9 IEFRAME CSelectionInteractButtonBehavior::_UpdateButtonLocation Use-After-Free

Since November I have been releasing details on all vulnerabilities I found that I have not released before. This is the thirtieth entry in the series. This information is available in more detail on my blog at http://blog.skylined.nl/20161212001.html. There you can find a repro that triggered th...

Microsoft Internet Explorer 8 8 MSHTML SRunPointer::SpanQualifier/RunType Out-Of-Bounds Read

Throughout November, I plan to release details on vulnerabilities I found in web-browsers which I've not released before. This is the sixteenth entry in that series. Unfortunately I won't be able to publish everything within one month at the current rate, so I may continue to publish these throug...

XSRF Security Token Missing when clicking on Contact an administrator

h3. Summary Clicking on the "Contact an administrator to perform this action." results in XSRF Security Token Missing. Tested with : Chrome Version 54.0.2840.59 64-bit Firefox 49.0 h3. Steps to Reproduce Configure Outgoing Mail Enable Contact Administrators Form from General Configurations Create...

XSRF Security Token Missing when clicking on Contact an administrator

h3. Summary Clicking on the "Contact an administrator to perform this action." results in XSRF Security Token Missing. Tested with : Chrome Version 54.0.2840.59 64-bit Firefox 49.0 h3. Steps to Reproduce Configure Outgoing Mail Enable Contact Administrators Form from General Configurations Create...

XSRF Security Token Missing when clicking on Contact an administrator

h3. Summary Clicking on the "Contact an administrator to perform this action." results in XSRF Security Token Missing. Tested with : Chrome Version 54.0.2840.59 64-bit Firefox 49.0 h3. Steps to Reproduce Configure Outgoing Mail Enable Contact Administrators Form from General Configurations Create...

The vulnerability of the Firefox browser, which allows a malicious individual to execute arbitrary code or trigger a service denial

The Mozilla Firefox browser contains a vulnerability related to memory usage during JavaScript execution when working with the TypeObject class. Exploiting this vulnerability allows malicious actors to execute arbitrary code, resulting in excessive memory consumption during garbage collection...

Android browser serious bug affecting half of Android users-vulnerability warning-the black bar safety net

Open source Android browser is found a affect half of Android users of a serious bug, which could allow a malicious web site injection JS script to access other site content, such as read passwords and cookies and other sensitive data. The browser will usually be designed to prevent a site script...

Users getting "XSRF Security Token Missing" when Creating Issues

When trying to use our JIRA instance we keep getting lots of permissions errors which makes JIRA very difficult to use. If we keep trying then eventually it works. This has been happening for about the last week or so. It's very annoying as you keep having to enter the issues of the JIRA you're...

Users getting "XSRF Security Token Missing" when Creating Issues

When trying to use our JIRA instance we keep getting lots of permissions errors which makes JIRA very difficult to use. If we keep trying then eventually it works. This has been happening for about the last week or so. It's very annoying as you keep having to enter the issues of the JIRA you're...