Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.115 contained a security vulnerability caused by a heap buffer overflow in the GPU. This vulnerability could allow a remote attacker with access to the renderer process to execute a sandbox escap...

Ubuntu 20.04 LTS : Linux kernel (Azure FIPS) vulnerabilities (USN-8098-8)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8098-8 advisory. Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these...

Google Chrome < 149.0.7827.114 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 149.0.7827.114. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop01962725236 advisory. - Use after free in Views in Google Chrome on Windows prior to...

openSUSE 16 Security Update : chromium (openSUSE-SU-2026:20916-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20916-1 advisory. Changes in chromium: - Chromium 149 149.0.7827.53 stable boo1267706: CVE-2026-10881: Out of bounds read and write in ANGLE CVE-2026-10882: Use...

PT-2026-48757

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.115 Description A heap buffer overflow occurs in the GPU component. This issue allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox...

PT-2026-48779

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.115 Description An out of bounds read exists in VideoCapture, which allows a remote attacker who has compromised the GPU process to obtain potentially sensitive information from process memory by usin...

PT-2026-48774

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.115 Description A use after free issue in the GPU allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML page. Use...

SUSE CVE-2026-11667

Out of bounds read in WebRTC in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the GPU process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-22164

Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory. By creating resources of certain types and presenting a set of parameters to the affected interface the exploit can be used to corrupt kernel memory...

Chromium: CVE-2026-11119 Insufficient validation of untrusted input in GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-10892 Out of bounds write in GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-11672

Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-11667

Out of bounds read in WebRTC in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the GPU process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2026-11667

Out of bounds read in WebRTC in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the GPU process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

QEMU calc_image_hostmem Integer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of QEMU. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the virtio-gpu driver. Th...

CVE-2026-11672

CVE-2026-11672 describes a heap buffer overflow in the GPU component of Google Chrome on Android, prior to version 149.0.7827.103. The underlying issue is a memory safety flaw in the GPU/renderer path that could allow a remote attacker who has compromised the renderer process to perform a sandbox...

CVE-2026-11672

Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-11672

Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-11672

Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-11667

CVE-2026-11667 affects Google Chrome WebRTC. The vulnerability is an out-of-bounds read in WebRTC that, if the GPU process is compromised, could enable heap corruption via a crafted HTML page. Impacted software: Chrome prior to version 149.0.7827.103. The publicly documented remediation is to upg...