CVE-2026-11665

Out of bounds read in Dawn in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

CVE-2026-11257

An inappropriate implementation flaw was found in the Browser component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=499051898...

CVE-2026-9884

An use after free flaw was found in the Browser component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=508289938...

CVE-2026-9114

An use after free flaw was found in the QUIC component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=495798630...

CVE-2026-4689

Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4689 Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component

Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

Security update for chromium (moderate)

openSUSE security update: security update for chromium ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20054-1 Rating: moderate References: bsc1256614 Cross-References: CVE-2026-0899 CVE-2026-0900 CVE-2026-0901 CVE-2026-0902 CVE-2026-0903...

CVE-2022-42247

pfSense v2.5.2 was discovered to contain a cross-site scripting XSS vulnerability in the browser.php component. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a file name...

EUVD-2019-2436

Malware in sbrugna...

EUVD-2012-5706

Malware in sbrugna...

EUVD-2025-21297

Malicious code in bioql PyPI...

CVE-2025-7620 DSIC｜Cross-browser Components for Official Document Creation - Remote Code Execution

The cross-browser document creation component produced by Digitware System Integration Corporation has a Remote Code Execution vulnerability. If a user visits a malicious website while the component is active, remote attackers can cause the system to download and execute arbitrary programs...

CVE-2012-5828

BlackBerry PlayBook before 2.1 has an Information Disclosure Vulnerability via a Web browser component error...

VulnCheck KEV: CVE-2021-42063

A security vulnerability has been discovered in the SAP Knowledge Warehouse - versions 7.30, 7.31, 7.40, 7.50. The usage of one SAP KW component within a Web browser enables unauthorized attackers to conduct XSS attacks, which might lead to disclose sensitive data...

The vulnerability of Google Chrome’s CSS component allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Google Chrome browser’s CSS component is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created malicious web page...

The vulnerability in the ChromeOS Camera browser component of Google Chrome operating systems and ChromeOS/Flex, which allows a hacker to execute arbitrary code.

The vulnerability of the ChromeOS Camera browser component in Google Chrome operating systems and ChromeOS/ChromeOS Flex is related to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through certain interactions with the user...

Cross site scripting

pfSense v2.5.2 was discovered to contain a cross-site scripting XSS vulnerability in the browser.php component. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a file name...

CVE-2021-42063

A security vulnerability has been discovered in the SAP Knowledge Warehouse - versions 7.30, 7.31, 7.40, 7.50. The usage of one SAP KW component within a Web browser enables unauthorized attackers to conduct XSS attacks, which might lead to disclose sensitive data...

Security Bulletin: IBM Analyst's Notebook Premium uses a component with known vulnerabilities (CVE-2020-16013, CVE-2020-16009, CVE-2020-15999)

Summary IBM i2 Analyst's Notebook Premium uses a browser component version with known vulnerabilities. Vulnerability Details CVEID: CVE-2020-16013 DESCRIPTION: Google Chrome could allow a remote attacker to bypass security restrictions, caused by inappropriate implementation in V8. By persuading ...

The vulnerability of Cryptohome’s Google Chrome browser component, which allows a hacker to increase their privileges.

The vulnerability of Cryptohome’s Google Chrome browser component relates to insecure management of privileges. Exploiting this vulnerability could allow an attacker to increase their privileges...