Lucene search
K

1542 matches found

Microsoft CVE
Microsoft CVE
added 2026/06/05 2:0 p.m.19 views

Chromium: CVE-2026-10908 Use after free in FullScreen

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.3CVSS5.4AI score0.00286EPSS
Exploits0
OSV
OSV
added 2026/06/04 11:16 p.m.10 views

DEBIAN-CVE-2026-10908

Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00286EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 11:3 p.m.32 views

CVE-2026-10908

Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00286EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/04 11:3 p.m.7 views

CVE-2026-10908

Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00286EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:3 p.m.10 views

CVE-2026-10908

Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00286EPSS
Exploits0
CVE
CVE
added 2026/06/04 11:3 p.m.23 views

CVE-2026-10908

CVE-2026-10908 affects Google Chrome on Windows. It is a Use-after-Free in FullScreen handling that, if a renderer process is compromised, could allow a sandbox escape via a crafted HTML page. Google Chrome 149.0.7827.53 (and later) includes fixes. The EUVD/NVD entries corroborate the same vector...

8.3CVSS5.8AI score0.00286EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.7 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of the FullScreen component after its release, which could allow remote attackers to exploit the...

8.3CVSS5.4AI score0.00286EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When reusing existing popups, Firefox would have allowed them to cover the fullscreen notification UI, which could have enabled browser spoofing attacks. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...

6.5CVSS7.2AI score0.0062EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Through a series of window.print calls and popups, an attacker can make a window become fullscreen without the user seeing the notification prompt. This can lead to potential confusion among users or be used in spoofing attacks. This vulnerability affects Firefox ESR version 102.5, Thunderbird...

6.5CVSS7.4AI score0.0061EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox

Form validation popups may capture escape key presses. Therefore, spamming form validation messages can be used to prevent users from exiting full-screen mode. This vulnerability affects Firefox 128 and Thunderbird 128...

6.3CVSS6.4AI score0.00342EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

By misusing a race in our notification code, an attacker could have forcibly hide notifications for pages that had received full-screen and pointer-lock access, which could have been used for spoofing attacks. This vulnerability affects Thunderbird 91.4.0, Firefox ESR 91.4.0, and Firefox 95...

4.3CVSS6.7AI score0.01158EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A website could have obscured the fullscreen notification by using a URL that was processed by an external program, such as a mailto URL. This could have caused confusion among users and potentially led to spoofing attacks. This vulnerability affects Firefox 115, Firefox ESR 102.13, and Thunderbi...

6.5CVSS6.8AI score0.00739EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Fullscreen in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.5AI score0.0018EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

4.3CVSS6.7AI score0.00527EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When resizing a popup after requesting fullscreen access, the popup does not display the fullscreen notification. This vulnerability affects Firefox 98, Firefox ESR 91.7, and Thunderbird 91.7...

4.3CVSS6.5AI score0.00655EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When navigating from within an iframe while requesting fullscreen access, a tab controlled by an attacker could prevent the browser from exiting fullscreen mode. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

4.3CVSS6.4AI score0.00643EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt. This results in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...

6.5CVSS6.9AI score0.007EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Firefox and Thunderbird

When exiting fullscreen mode, an iframe could mislead the browser regarding the current state of fullscreen, potentially causing confusion for users or leading to spoofing attacks. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...

6.5CVSS6.9AI score0.00584EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

A malicious website could have used a combination of the fullscreen mode and the requestPointerLock function to cause the user’s mouse to be repositioned unexpectedly. This could lead to confusion among users and, inadvertently, the granting of permissions that the user did not intend to grant...

6.1CVSS6.5AI score0.00575EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Firefox and Thunderbird

Through a series of maneuvers, Firefox could have entered fullscreen mode without notifying or warning the user. This could lead to spoofing attacks on the browser interface, including phishing attempts. This vulnerability affects Firefox versions earlier than 94, Thunderbird versions earlier tha...

4.3CVSS6.7AI score0.01459EPSS
Exploits0References2
Rows per page
Query Builder