184 matches found
CVE-2026-5730 IDOR in Idvlabs' Ontime
Authorization bypass through User-Controlled key vulnerability in Idvlabs Software and Consulting Services Inc. Ontime allows Exploitation of Trusted Identifiers. This issue affects Ontime: through 04052026...
Linux Distros Unpatched Vulnerability : CVE-2026-13811
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in IME in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...
DEBIAN-CVE-2026-13811
Use after free in IME in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-13811
Use after free in IME in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-13811
CVE-2026-13811 describes a use-after-free in the IME component of Google Chrome prior to 150.0.7871.47, allowing a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. The vulnerability affects Chrome’s input-method editor (IME) and is labeled with High severity. ...
CVE-2026-13811
Use after free in IME in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
PT-2026-54088
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue exists in the Input Method Editor IME, a system that allows users to enter complex characters using a keyboard. This flaw allows a remote attacker to execute...
October 14, 2025—KB5066780 (OS Build 25398.1913)
None None...
[SECURITY] Fedora 42 Update: fcitx5-chewing-5.1.9-1.fc42
fcitx5-chewing is a Chewing Wrapper for Fcitx. Chewing is a set of free intelligent Chinese Phonetic IME...
EUVD-2017-11404
Malware in sbrugna...
EUVD-2020-2200
Malware in sbrugna...
EUVD-2017-17516
Malware in sbrugna...
EUVD-2013-3791
Malware in sbrugna...
EUVD-2017-17540
Malware in sbrugna...
EUVD-2011-2004
Malware in sbrugna...
EUVD-2016-8080
Malware in sbrugna...
CVE-2025-26450
In onInputEvent of IInputMethodSessionWrapper.java, there is a possible way for an untrusted app to inject key and motion events to the default IME due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ...
CVE-2025-26450
In onInputEvent of IInputMethodSessionWrapper.java, there is a possible way for an untrusted app to inject key and motion events to the default IME due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ...
CVE-2025-26450
In onInputEvent of IInputMethodSessionWrapper.java, there is a possible way for an untrusted app to inject key and motion events to the default IME due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction ...
CVE-2025-26450
CVE-2025-26450 affects Android-related code in onInputEvent of IInputMethodSessionWrapper.java. The issue allows an untrusted app to inject key and motion events to the default IME due to a missing permission check, enabling local privilege escalation with no additional privileges required. User ...