20 matches found
DEBIAN-CVE-2026-12446
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
CVE-2026-11292
CVE-2026-11292 : A CSP bypass vulnerability in Blink used by Google Chrome prior to 149.0.7827.53 allows remote attackers to bypass content security policy through a crafted HTML page. Affected component is Blink in Chrome/Chromium; exploitation is possible over the network with user interaction ...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability. This vulnerability stemmed from improper implementations in the Canvas library, which could allow remote attackers to bypass the same-origin policy through...
CVE-2026-10009
Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability, which was caused by an object lifecycle issue in the WebShare component. This vulnerability could allow remote attackers to execute arbitrary code by...
SUSE CVE-2026-7991
Use after free in UI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
PT-2024-7781 · Google +4 · Google Chrome +4
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 130.0.6723.58 Microsoft Edge affected versions not specified Description: The issue is related to a use-after-free vulnerability in the Artificial Intelligence AI technology of Google Chrome and Microsoft Edge...
SUSE CVE-2017-5110
Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to spoof the contents of the Omnibox via a crafted HTML page...
Google Chrome Security Vulnerability
Google Chrome is a web browser from Google, Inc. in the United States. A security vulnerability exists in versions prior to Google chrome 87.0.4280.66, which stems from an improper implementation in cryptohome...
Google Chrome Buffer Overflow Vulnerability (CNVD-2020-41201)
Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A heap buffer overflow vulnerability exists in WebAudio in versions prior to Google Chrome 84.0.4147.89, no detailed vulnerability details are available at this tim...
Google Chrome Content Security Policy Bypass Vulnerability (CNVD-2020-10252)
Chrome is a web browsing tool developed by Google. A content security policy bypass vulnerability exists in Google Chrome versions prior to 80.0.3987.87. The vulnerability stems from insufficient validation of untrusted input by Blink in Chrome. An attacker can exploit the vulnerability to bypass...
chromium-browser: Use after free in WebSockets
Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
PT-2019-4829 · Google +2 · Google Chrome +2
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 73.0.3683.86 Description: The issue is related to an out of bounds write in JavaScript, which can potentially lead to heap corruption. A remote attacker could exploit this via a crafted HTML page, potentially...
Google Chrome Uninitialized Variable Value Vulnerability
Google Chrome is a web browser from Google, an American company. An uninitialized variable value vulnerability exists in versions of Google Chrome prior to 74.0.3729.108. A remote attacker can exploit this vulnerability by tricking a user into visiting a specially crafted website to bypass securi...
Google Chrome Skia heap buffer overflow vulnerability (CNVD-2018-22399)
Google Chrome is a web browser developed by Google, Inc. Skia is an open source 2D graphics library that provides common APIs that work on a variety of hardware and software platforms. A heap buffer overflow vulnerability exists in Skia in versions prior to Google Chrome 63.0.3239.84. A remote...
UBUNTU-CVE-2015-1290
The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service memory corruption or execute arbitrary code via a crafted web site...
CVE-2017-5036
A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to have an unspecified impact via a crafted PDF file...
CVE-2017-5042
Cast in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android sent cookies to sites discovered via SSDP, which allowed an attacker on the local network segment to initiate connections to arbitrary URLs and observe any plaintext cookies sent...
Google Chrome Cross-Site Scripting Vulnerability (CNVD-2016-02450)
Google Chrome is a web browser developed by the American company Google Google. A cross-site scripting vulnerability exists in Google Chrome versions prior to 50.0.2661.75, which stems from an error in the extension binding. A remote attacker can exploit this vulnerability to inject arbitrary web...
CVE-2011-3051
Use-after-free vulnerability in the Cascading Style Sheets CSS implementation in Google Chrome before 17.0.963.83 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the cross-fade function...