Lucene search
+L

27 matches found

CVE
CVE
added 4 days ago39 views

CVE-2025-65720

Open Source GPT Researcher v3.3.7 is affected by CVE-2025-65720, described as a remote code execution vulnerability. Attackers can cause arbitrary commands to run on a victim system by interacting with a crafted HTML page. The linked ENISA EUVD entry confirms the issue and references exploitation...

9.8CVSS6.4AI score0.00722EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-13859

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially perform a sandbox escape via a crafted HT...

9.6CVSS6.2AI score0.0028EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:16 p.m.5 views

DEBIAN-CVE-2026-13792

Use after free in Touchbar in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00316EPSS
Exploits0References1
CVE
CVE
added 2026/06/30 10:37 p.m.24 views

CVE-2026-13825

CVE-2026-13825 describes an uninitialized use in Dawn within Google Chrome (Chromium-based) prior to version 150.0.7871.47, enabling a remote attacker to potentially trigger heap corruption via a crafted HTML page. Affected product: Google Chrome (Chromium Dawn component). Root cause: uninitializ...

8.8CVSS5.8AI score0.00306EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-54308

Name of the Vulnerable Software and Affected Versions Google Chrome on Windows versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the Media component allows a remote attacker to bypass site isolation, a security feature that ensures web pages from different sites are...

9.8CVSS5.9AI score0.00413EPSS
Exploits0References447
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.13 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in Navigation in Google Chrome before version 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Chromium security severity: High...

9.6CVSS7.3AI score0.00275EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/11 8:48 p.m.11 views

CVE-2026-12007

Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.00287EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/08 11:27 p.m.41 views

CVE-2026-11682

Inappropriate implementation in Views in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00192EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:42 a.m.13 views

SUSE CVE-2026-11204

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00201EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/05 12:31 a.m.15 views

EUVD-2026-34593

Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00202EPSS
Exploits0References3
OSV
OSV
added 2026/06/04 11:17 p.m.6 views

DEBIAN-CVE-2026-10982

Use after free in WebXR in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00456EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 11:4 p.m.8 views

CVE-2026-10996

Inappropriate implementation in Workers in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00262EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/29 12:38 a.m.12 views

EUVD-2026-33150

Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00224EPSS
Exploits0References3
OSV
OSV
added 2026/05/28 11:16 p.m.12 views

DEBIAN-CVE-2026-9967

Out of bounds write in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00243EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.12 views

PT-2026-44576

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description Insufficient validation of untrusted input in Skia allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HT...

9.6CVSS5.9AI score0.00383EPSS
Exploits0References162
BDU FSTEC
BDU FSTEC
added 2026/04/23 12:0 a.m.7 views

The vulnerability of Google Chrome, related to deficiencies in access control, allows attackers to circumvent security restrictions.

The vulnerability of Google Chrome is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass security restrictions using a specially crafted HTML page...

7.5CVSS5.8AI score0.00171EPSS
Exploits0References9Affected Software5
ATTACKERKB
ATTACKERKB
added 2026/04/08 9:21 p.m.2 views

CVE-2026-5915

Insufficient validation of untrusted input in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Low...

8.1CVSS5.9AI score0.00194EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2025/11/17 11:19 p.m.5 views

EUVD-2025-197890

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.5AI score0.00244EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/17 11:3 p.m.0 views

CVE-2025-13224

Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

6.6AI score0.00454EPSS
Exploits1References2
CVE
CVE
added 2025/11/10 8:0 p.m.30 views

CVE-2025-12440

CVE-2025-12440 affects Google Chrome/Chromium Autofill prior to 142.0.7444.59. A crafted HTML page can leverage an inappropriate Autofill implementation to exfiltrate potentially sensitive data from process memory after convincing a user to perform specific UI gestures. The published data indicat...

5.3CVSS5.3AI score0.00201EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder