EUVD-2026-33168

Use after free in Network in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Critical...

PT-2026-44660

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue exists in WebAudio, which allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free is a...

CVE-2026-6313

Insufficient policy enforcement in CORS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

CVE-2026-5888

Uninitialized Use in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

Linux Distros Unpatched Vulnerability : CVE-2026-5286

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security...

PT-2026-29463

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 146.0.7680.178 Description A use-after-free issue existed in the WebGL component of Google Chrome. This allowed a remote attacker to potentially execute arbitrary code within a sandbox through a specially crafte...

CVE-2026-3935

Incorrect security UI in WebAppInstalls in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

PT-2026-5021

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 144.0.7559.110 Description An issue in the Background Fetch API in Google Chrome allowed a remote attacker to leak cross-origin data through a specially crafted HTML page. The security severity is rated as High...

Linux Distros Unpatched Vulnerability : CVE-2018-6057

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Lack of special casing of Android ashmem in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to bypass...

SUSE CVE-2020-6576

Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

SUSE CVE-2022-0804

Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox URL bar via a crafted HTML page...

UBUNTU-CVE-2022-1498

Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

UBUNTU-CVE-2021-21195

Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

UBUNTU-CVE-2021-21192

Heap buffer overflow in tab groups in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

DEBIAN-CVE-2020-13558

A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free...

UBUNTU-CVE-2019-13721

Use after free in PDFium in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2019-1261

A spoofing vulnerability exists in Microsoft SharePoint when it improperly handles requests to authorize applications, resulting in cross-site request forgery CSRF.To exploit this vulnerability, an attacker would need to create a page specifically designed to cause a cross-site request, aka...

DEBIAN-CVE-2018-1000528

GONICUS GOsa version before commit 56070d6289d47ba3f5918885954dcceb75606001 contains a Cross Site Scripting XSS vulnerability in change password form html/password.php, 308 that can result in injection of arbitrary web script or HTML. This attack appear to be exploitable via the victim must open ...

DEBIAN-CVE-2016-9629

An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service segmentation fault and crash via a crafted HTML page...