Lucene search
+L

18521 matches found

NVD
NVD
added 5 days ago9 views

CVE-2026-15764

Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS0.00268EPSS
Exploits0References2
NVD
NVD
added 5 days ago6 views

CVE-2026-15765

Use after free in Ozone in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS0.00268EPSS
Exploits0References2
CVE
CVE
added 5 days ago9 views

CVE-2026-15775

CVE-2026-15775 affects Google Chrome's V8 under a pre-150.0.7871.125 build. The issue is an inappropriate implementation that allowed a remote attacker to bypass the same-origin policy via a crafted HTML page. Impact is described as high in Chromium notes, with exploitation requiring user interac...

6.5CVSS6.1AI score0.00208EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 5 days ago33 views

CVE-2026-15775

Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

0.00208EPSS
Exploits0References2
CVE
CVE
added 5 days ago10 views

CVE-2026-15773

CVE-2026-15773 is a Use-After-Free in Chrome’s Core on Windows prior to 150.0.7871.125 that could allow a remote attacker to achieve a sandbox escape via a crafted HTML page. The vulnerability affects Google Chrome Windows builds and is tracked in multiple sources. No exploitation status is provi...

9.6CVSS6.2AI score0.00251EPSS
Exploits0References2Affected Software1
CVE
CVE
added 5 days ago10 views

CVE-2026-15772

The CVE-2026-15772 entry describes a Use-After-Free in the GPU component of Google Chrome on Android prior to version 150.0.7871.125, which could allow a remote attacker who already compromised the renderer process to potentially escape the sandbox via a crafted HTML page. The issue is classified...

8.3CVSS6.2AI score0.00221EPSS
Exploits0References2Affected Software1
CVE
CVE
added 5 days ago128 views

CVE-2026-15771

CVE-2026-15771 affects Google Chrome on Windows prior to 150.0.7871.125. The vulnerability arises from insufficient validation of untrusted input in the Media component, allowing a remote attacker who has compromised the renderer process to potentially read sensitive information from process memo...

5.3CVSS6.1AI score0.00274EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 5 days ago33 views

CVE-2026-15768

Insufficient policy enforcement in HTML-in-Canvas in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

0.00208EPSS
Exploits0References2
CVE
CVE
added 5 days ago11 views

CVE-2026-15769

CVE-2026-15769 concerns insufficient validation of untrusted input in Linux Toolkit Theming in Google Chrome on Linux prior to 150.0.7871.125, potentially allowing a renderer-compromised remote attacker to escape the sandbox via a crafted HTML page. The Chrome update notes roll-out of 150.0.7871....

8.3CVSS6.2AI score0.00236EPSS
Exploits0References2Affected Software1
CVE
CVE
added 5 days ago9 views

CVE-2026-15766

CVE-2026-15766 refers to an Uninitialized Use in Skia inside Google Chrome before version 150.0.7871.125. The vulnerability affects Skia components used by Chrome, allowing a remote attacker to potentially read sensitive information from process memory via a crafted HTML page. The Chrome update n...

6.5CVSS6.1AI score0.00315EPSS
Exploits0References2Affected Software1
CVE
CVE
added 5 days ago58 views

CVE-2026-15764

CVE-2026-15764 is a use-after-free in Chrome’s Ozone path on Linux, enabling potential heap corruption when a user is coerced into specific UI gestures via a crafted HTML page. Affected software is Google Chrome on Linux prior to the fixed build, with the issue classified as Critical (CVSS v3.1: ...

7.5CVSS6.1AI score0.00268EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 5 days ago5 views

PT-2026-58741

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.125 Description Insufficient validation of untrusted input in Navigation allows a remote attacker who has compromised the renderer process to bypass navigation restrictions using a crafted HTML page...

8.8CVSS5.6AI score0.00315EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 5 days ago8 views

PT-2026-58735

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.125 Description A use after free issue in the GPU component allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escape. This is achiev...

8.3CVSS6.1AI score0.00268EPSS
Exploits0References20
Positive Technologies
Positive Technologies
added 5 days ago8 views

PT-2026-58728

Use after free in Ozone in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS6.1AI score0.00268EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 5 days ago12 views

PT-2026-58733

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.125 Description An uninitialized use in the V8 engine allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. V8 is the open-source...

9.6CVSS5.6AI score0.00328EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 5 days ago10 views

PT-2026-58727

Name of the Vulnerable Software and Affected Versions Google Chrome on Linux versions prior to 150.0.7871.125 Description A use-after-free issue exists in the Ozone graphics layer. A remote attacker could potentially exploit heap corruption—a condition where memory is corrupted in the heap area—v...

7.5CVSS6.5AI score0.00268EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 5 days ago6 views

PT-2026-58729

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.125 Description An uninitialized use in Skia allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Recommendations Update Google Chrome...

9.6CVSS5.5AI score0.00328EPSS
Exploits0References19
RedHat Linux
RedHat Linux
added 2026/07/09 7:38 a.m.7 views

golang.org/x/net/html: golang.org/x/net/html: Arbitrary code execution via Cross-Site Scripting

A flaw was found in golang.org/x/net/html. A remote attacker could exploit this vulnerability by providing specially crafted HTML. When this arbitrary HTML is parsed and rendered, it can result in an unexpected HTML tree, bypassing input sanitization. This can be leveraged to execute Cross-Site...

6.1CVSS6.6AI score0.00178EPSS
Exploits0References8
EUVD
EUVD
added 2026/07/09 12:31 a.m.10 views

EUVD-2026-42478

Uninitialized Use in V8 in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6.3AI score0.0027EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/09 12:31 a.m.10 views

EUVD-2026-42460

Inappropriate implementation in Navigation in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00172EPSS
Exploits0References3
Rows per page
Query Builder