18461 matches found
CVE-2026-13950
Uninitialized Use in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13883
CVE-2026-13883 describes a Type Confusion in ANGLE used by Google Chrome prior to 150.0.7871.47 that can potentially allow a remote attacker to perform a sandbox escape via a crafted HTML page. The vulnerability impact is described as high/critical (CVSS v3.1 base score 9.6) with network attack v...
CVE-2026-13875
Insufficient validation of untrusted input in GPU in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13834
The CVE-2026-13834 entry documents an issue in ANGLE used by Google Chrome before version 150.0.7871.47, where insufficient validation of untrusted input allowed a renderer-compromised attacker to potentially escape the sandbox via a crafted HTML page. The vulnerability is tied to the ANGLE compo...
CVE-2026-13831
The CVE-2026-13831 entry relates to an Out-of-bounds read/write in Chrome’s GPU/renderer path. Affects Google Chrome prior to version 150.0.7871.47, enabling a remote attacker who has compromised the renderer process to run arbitrary code inside the sandbox via a crafted HTML page. Root cause is ...
CVE-2026-13820
Out of bounds read in Skia in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
CVE-2026-13805
Use after free in GFX in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2026-13805
Use after free in GFX in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2026-13793
Insufficient policy enforcement in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
CVE-2026-13793
Insufficient policy enforcement in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
CVE-2026-13789
Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-13781
Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-56365 ImageMagick - Memory Leak in PNG Encoder via MNG Image Writing
ImageMagick before 7.1.2-19 contains a memory leak vulnerability in the PNG encoder when writing MNG images. Attackers can trigger the encoder failure condition to exhaust memory resources and cause denial of service...
giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension
A flaw was found in giflib. A remote attacker can exploit a buffer overflow vulnerability in the EGifGCBToExtension function by providing a specially crafted Graphics Control Extension GCE block. This allows overwriting an existing GCE block without proper size validation, leading to a denial of...
giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension
A flaw was found in giflib. A remote attacker can exploit a buffer overflow vulnerability in the EGifGCBToExtension function by providing a specially crafted Graphics Control Extension GCE block. This allows overwriting an existing GCE block without proper size validation, leading to a denial of...
giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension
A flaw was found in giflib. A remote attacker can exploit a buffer overflow vulnerability in the EGifGCBToExtension function by providing a specially crafted Graphics Control Extension GCE block. This allows overwriting an existing GCE block without proper size validation, leading to a denial of...
firefox: thunderbird: Privilege escalation in the Graphics: WebRender component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the Graphics: WebRender component...
firefox: thunderbird: Incorrect boundary conditions in the Graphics: CanvasWebGL component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Graphics: CanvasWebGL component...
firefox: thunderbird: Denial-of-service in the Graphics: ImageLib component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Denial-of-service in the Graphics: ImageLib component...
giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension
A flaw was found in giflib. A remote attacker can exploit a buffer overflow vulnerability in the EGifGCBToExtension function by providing a specially crafted Graphics Control Extension GCE block. This allows overwriting an existing GCE block without proper size validation, leading to a denial of...