448 matches found
CVE-2026-14429
CVE-2026-14429 affects Google Chrome and its Skia rendering library. Insufficient validation of untrusted input in Skia before Chrome 150.0.7871.46 can allow a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page. Impact is described a...
EUVD-2026-40793
Insufficient validation of untrusted input in Text in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2026-13941
Inappropriate implementation in SiteSettings in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13851
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: High...
CVE-2026-14009
The vulnerability CVE-2026-14009 affects Google Chrome (Passwords component) due to an inappropriate implementation, enabling remote exploitation to potentially cause heap corruption via a crafted HTML page. Affected builds are prior to 150.0.7871.47; the issue is described with a Chromium severi...
CVE-2026-13924
CVE-2026-13924 affects WebView in Google Chrome on Android, prior to version 150.0.7871.47. The issue is insufficient validation of untrusted input in WebView, allowing a remote attacker who already compromised the renderer process to bypass the same-origin policy via a crafted HTML page. The vul...
CVE-2026-13853
Use after free in Journeys in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-13848
Use after free in Forms in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-13813
Summary: CVE-2026-13813 concerns Chrome for iOS where insufficient policy enforcement in the renderer allowed a sandbox escape via a crafted HTML page after renderer compromise. The issue affects Google Chrome on iOS before version 150.0.7871.47 (Chromium security severity: High). Root cause / vu...
Linux Distros Unpatched Vulnerability : CVE-2026-13027
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in FileSystem in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2026-13032
Use after free in WebGL in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in Permissions in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
Insufficient policy enforcement in the File System API of Google Chrome on Windows prior to version 89.0.4389.72 allowed a remote attacker to bypass filesystem restrictions through a crafted HTML page...
Astra Linux – Vulnerability in WebKit2GTK
An access issue has been resolved through improved access restrictions. This issue is fixed in Safari 17.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3, and watchOS 10.3. A maliciously crafted webpage may be able to obtain user information...
Astra Linux – Vulnerability in Chromium
The incorrect security UI in Split View in Google Chrome prior to version 144.0.7559.59 allowed a remote attacker to perform UI spoofing through a crafted HTML page. Chromium security severity: Low...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in Blink in Google Chrome prior to version 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Inappropriate implementations of Skia in Google Chrome prior to version 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox URL bar through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in Autofill in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...
Astra Linux – Vulnerability in Chromium
Insufficient data validation in Blink Editing in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page...
DEBIAN-CVE-2026-12447
Heap buffer overflow in WebRTC in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...