53 matches found
Google Chrome < 150.0.7871.124 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 150.0.7871.124. It is, therefore, affected by multiple vulnerabilities as referenced in the 202607stable-channel-update-for-desktop0353146366 advisory. - Use after free in UI in Google Chrome on Linux prior to...
CVE-2026-15769
CVE-2026-15769 concerns insufficient validation of untrusted input in Linux Toolkit Theming in Google Chrome on Linux prior to 150.0.7871.125, potentially allowing a renderer-compromised remote attacker to escape the sandbox via a crafted HTML page. The Chrome update notes roll-out of 150.0.7871....
CVE-2026-15764
CVE-2026-15764 is a use-after-free in Chrome’s Ozone path on Linux, enabling potential heap corruption when a user is coerced into specific UI gestures via a crafted HTML page. Affected software is Google Chrome on Linux prior to the fixed build, with the issue classified as Critical (CVSS v3.1: ...
DEBIAN-CVE-2026-14149
Use after free in Audio in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14121
Use after free in Chromoting in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Low...
DEBIAN-CVE-2026-13945
Insufficient policy enforcement in Extensions in Google Chrome on Linux prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-13854
Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-13855
Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2026-14121
Use after free in Chromoting in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Low...
CVE-2026-14121
CVE-2026-14121 affects Chromoting in Google Chrome on Linux, due to a use-after-free in Chromoting that enables a remote attacker to execute arbitrary code via malicious network traffic. Affected: Chrome/Chromium on Linux prior to 150.0.7871.47. Impact signals in the source documents include high...
CVE-2026-14121
Use after free in Chromoting in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Low...
CVE-2026-13855
Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2026-13830
CVE-2026-13830 affects Chromoting in Google Chrome on Linux prior to 150.0.7871.47. The flaw is a use-after-free in Chromoting that allows a remote attacker to execute arbitrary code via malicious network traffic. The documented impact is high severity with the standard CVSS vector: AV:A/AC:L/PR:...
PT-2026-54396
Name of the Vulnerable Software and Affected Versions Google Chrome on Linux versions prior to 150.0.7871.47 Description A use after free issue in Chromoting allows a remote attacker to execute arbitrary code through malicious network traffic. Use after free is a memory corruption flaw that occur...
PT-2026-54300
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue in Ozone on Linux allows a remote attacker to potentially exploit heap corruption. This occurs when a user is convinced to perform specific UI gestures while...
Linux Distros Unpatched Vulnerability : CVE-2026-12034
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Linux Toolkit Theming in Google Chrome on Linux prior to 149.0.7827.115 allowed a remote attacker who had...
CVE-2026-12034
Insufficient validation of untrusted input in Linux Toolkit Theming in Google Chrome on Linux prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...
PT-2026-48766
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.115 Description A heap buffer overflow exists in the Codecs component. This issue allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape by...
DEBIAN-CVE-2026-11668
Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. Chromium security severity: High...
CVE-2026-11644
Use after free in Views in Google Chrome on Linux prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Critical...