Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after they were released in Blink, which could allow remote attackers to execute arbitrary...

PT-2026-38117

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description An uninitialized use in Dawn allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Recommendations Update to version...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a buffer overflow vulnerability, which was caused by excessive writing within Skia. This vulnerability could allow remote attackers to exploit the system through specially crafted HT...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability caused by improper handling of Speech features. This vulnerability could allow remote attackers to execute UI deception through specially...

PT-2026-38105

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.96 Description An integer overflow in the GPU component allows a remote attacker who has compromised the renderer process to perform arbitrary read and write operations via a crafted HTML...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability caused by type confusion in WebRTC. This vulnerability could allow remote attackers to execute arbitrary code within a sandbox through a specially crafted HT...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of objects after their release in the ANGLE framework, which could allow remote attackers to execute...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a vulnerability related to input validation errors. This vulnerability stemmed from insufficient trust-based input validation in Cast, which could allow a remote attacker with access...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability caused by integer overflow in Blink, which could allow remote attackers to exploit heap corruption through specially crafted HTML pages...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a vulnerability related to input validation errors. This vulnerability stemmed from insufficient trusted input validation in SiteIsolation, which could allow remote attackers with...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after their release in the Audio component, which could allow remote attackers to execute...

JLSEC-2026-386

An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTPS redirects is used with authentication could leak credentials to other services that exist on different protocols ...

HTML Injection

github.com/abhinavxd/libredesk is vulnerable to stored HTML injection. The vulnerability is due to improper sanitization of user input in the contact notes feature, which allows an attacker to inject arbitrary HTML by manipulating the request and exploit it to perform phishing, CSRF-style actions...

CVE-2026-42368 GeoVision LPC2011/LPC2211 Web Interface privilege escalation vulnerability

A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to execute priviledged operation. An attacker can visit a webpage to trigger this vulnerability...

RHCOS 3 : OpenShift Container Platform 3.9 haproxy (RHSA-2019:0547)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:0547 advisory. - haproxy: Out-of-bounds read in dns.c:dnsvalidatednsresponse allows for memory disclosure CVE-2018-20102 - haproxy: Mishandling of...

Apache HTTP Server 资源管理错误漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. Version 2.4.66 of Apache HTTP Server contains a vulnerability related to resource management...

[20260520] - Framework - Inadequate content filtering within the cleanAttributes filter code

Lack of input filtering leads to an XSS vector in the HTML filter code...

Astra Linux - уязвимость в chromium

The incorrect security UI in PictureInPicture in Google Chrome prior to version 146.0.7680.71 allowed a remote attacker to perform UI spoofing through a crafted HTML page. Chromium security severity: Low...

Astra Linux - уязвимость в chromium

Using “after free” in the Network component of Google Chrome before version 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в firefox

Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...