1512 matches found
DEBIAN-CVE-2026-10908
Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-10908
CVE-2026-10908 affects Google Chrome on Windows. It is a Use-after-Free in FullScreen handling that, if a renderer process is compromised, could allow a sandbox escape via a crafted HTML page. Google Chrome 149.0.7827.53 (and later) includes fixes. The EUVD/NVD entries corroborate the same vector...
CVE-2026-10908
Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-10908
Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-10908
Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в firefox, thunderbird
When reusing existing popups, Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...
Astra Linux - уязвимость в firefox
A website could have obscured the fullscreen notification by using an option element, introducing a delay through a costly computational process. This could have caused confusion among users and potentially led to spoofing attacks. This vulnerability affects Firefox versions earlier than 115...
Astra Linux - уязвимость в chromium
The incorrect security UI in the full-screen UI of Google Chrome prior to version 142.0.7444.59 allowed a remote attacker who convinced a user to perform certain UI gestures to perform UI spoofing through a crafted HTML page. Chromium security severity: Low...
Astra Linux - уязвимость в firefox, thunderbird
Through a series of maneuvers, Firefox could have entered fullscreen mode without notifying or warning the user. This could lead to spoofing attacks on the browser interface, including phishing attempts. This vulnerability affects Firefox versions earlier than 94, Thunderbird versions earlier tha...
Astra Linux - уязвимость в firefox, thunderbird
When navigating from within an iframe while requesting fullscreen access, a tab controlled by an attacker could prevent the browser from exiting fullscreen mode. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...
Astra Linux - уязвимость в firefox, thunderbird
Through a series of window.print calls and popups, an attacker can make a window become fullscreen without the user seeing the notification prompt. This can lead to potential confusion among users or be used in spoofing attacks. This vulnerability affects Firefox ESR version 102.5, Thunderbird...
Astra Linux - уязвимость в firefox, thunderbird
When resizing a popup after requesting fullscreen access, the popup does not display the fullscreen notification. This vulnerability affects Firefox 98, Firefox ESR 91.7, and Thunderbird 91.7...
Astra Linux - уязвимость в firefox, thunderbird
A website could have obscured the fullscreen notification by using a URL that was processed by an external program, such as a mailto URL. This could have caused confusion among users and potentially led to spoofing attacks. This vulnerability affects Firefox 115, Firefox ESR 102.13, and Thunderbi...
Astra Linux - уязвимость в firefox, thunderbird
A website could have obscured the fullscreen notification by using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox 112, Focus for Android 112,...
SUSE CVE-2026-8561
Incorrect security UI in Fullscreen in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
Chromium: CVE-2026-8561 Incorrect security UI in Fullscreen
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-8561
An incorrect security ui flaw was found in the Fullscreen component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=343352552...
CVE-2026-8561
Incorrect security UI in Fullscreen in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-8561
Incorrect security UI in Fullscreen in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-8561
Incorrect security UI in Fullscreen in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...