16830 matches found
EUVD-2026-11440
use after free in WindowDialog in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
EUVD-2026-11424
Out of bounds read in Web Speech in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
PT-2026-33138
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.101 Description A use after free issue in CSS allows a remote attacker to execute arbitrary code inside a sandbox by inducing the victim to open a crafted HTML page. Use after free is a memory...
TinaCMS 路径遍历漏洞
TinaCMS is an open-source headless CMS developed by Tina for Markdown, MDX, and JSON formats. Versions of TinaCMS prior to 2.1.2 contained a path traversal vulnerability. This vulnerability stemmed from the use of path.join to combine paths without verifying that the resolved path remained within...
Linux Distros Unpatched Vulnerability : CVE-2026-3916
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in Web Speech in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML...
Linux Distros Unpatched Vulnerability : CVE-2026-3924
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - use after free in WindowDialog in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to potentially perform...
RHEL 8 : thunderbird (RHSA-2026:4432)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:4432 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: libvpx: Heap buffer overflow in libvpx CVE-2026-2447 firefox:...
CVE-2026-3924
use after free in WindowDialog in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-3924
use after free in WindowDialog in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2026-3924
use after free in WindowDialog in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-3916
Out of bounds read in Web Speech in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-3916
Out of bounds read in Web Speech in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2026-3916
Out of bounds read in Web Speech in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-3924
use after free in WindowDialog in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-3924
use after free in WindowDialog in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-3924
use after free in WindowDialog in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-3924
CVE-2026-3924 affects Google Chrome/Chromium: a use-after-free in WindowDialog allows a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page. Affected versions are prior to 146.0.7680.71. Reported impacts align with sandbox escape risk...
CVE-2026-3924
use after free in WindowDialog in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-3916
CVE-2026-3916 concerns an out-of-bounds read in Web Speech affecting Google Chrome/Chromium. Connected feeds show fixes tied to Chromium 146.0.7680.71 (e.g., chromium-146.0.7680.71-1.fc42/43, Debian DSA-6164-1 notes 146.0.7680.71 fixes). Affected component: Web Speech parsing/access path in Chrom...
CVE-2026-3916
Out of bounds read in Web Speech in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...