Lucene search
K

18 matches found

SUSE CVE
SUSE CVE
added 2026/06/18 1:59 a.m.7 views

SUSE CVE-2026-12450

Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.3AI score0.00184EPSS
Exploits0References3
CVE
CVE
added 2026/06/17 1:38 a.m.24 views

CVE-2026-12462

CVE-2026-12462 is a use-after-free in the Media component of Google Chrome before 149.0.7827.155. An attacker who has compromised the renderer process could trigger a crafted HTML page to execute arbitrary code inside Chrome’s sandbox. The vulnerability is tied to the Chromium-based Media stack a...

7.5CVSS6AI score0.00271EPSS
Exploits0References2Affected Software1
SUSE CVE
SUSE CVE
added 2026/06/07 4:44 a.m.10 views

SUSE CVE-2026-11134

Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00176EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 11:17 p.m.9 views

DEBIAN-CVE-2026-11176

Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00176EPSS
Exploits0References1
OSV
OSV
added 2026/06/04 11:17 p.m.7 views

DEBIAN-CVE-2026-11106

Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00187EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/30 2:16 a.m.14 views

SUSE CVE-2026-9989

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. Chromium security severity: High...

6.3CVSS5.8AI score0.00107EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/29 12:19 a.m.14 views

CVE-2026-9989

An inappropriate implementation flaw was found in the Media component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513054053...

9.3CVSS5.7AI score0.00107EPSS
Exploits0References5
CVE
CVE
added 2026/05/28 10:25 p.m.23 views

CVE-2026-9989

The CVE-2026-9989 entry concerns Google Chrome’s Media component, with an inappropriate implementation that allowed a remote attacker to bypass the same-origin policy via a crafted video file. Affected software is Google Chrome prior to 148.0.7778.216; impact is the bypass of SOP, as described in...

6.3CVSS5.8AI score0.00107EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/14 7:52 p.m.35 views

CVE-2026-8585

Inappropriate implementation in Media in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

0.00176EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/08 10:39 p.m.9 views

CVE-2026-8015

An inappropriate implementation flaw was found in the Media component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497548558...

5.4CVSS5.7AI score0.00159EPSS
Exploits0References5
OSV
OSV
added 2025/11/06 10:15 p.m.1 views

CVE-2025-11208

Inappropriate implementation in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.3CVSS5.8AI score
Exploits0References2
NVD
NVD
added 2025/11/06 10:15 p.m.4 views

CVE-2025-11208

Inappropriate implementation in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.3CVSS0.00213EPSS
Exploits0References2
CVE
CVE
added 2025/11/06 10:8 p.m.22 views

CVE-2025-11208

Affected software: Google Chrome/Chromium before 141.0.7390.54. Root cause: inappropriate implementation in Media enabling UI spoofing via a crafted HTML page after a user‑driven UI gesture. Impact: potential UI spoofing by a remote attacker; requires user interaction. Status: exploitation detail...

6.3CVSS5.7AI score0.00213EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/27 12:0 a.m.4 views

PT-2025-8948 · Apple · Ios +2

Name of the Vulnerable Software and Affected Versions: iOS version 18.2.1 Description: A zero-click attack on an iOS device leverages a vulnerability in Core Media, allowing attackers to deliver a malicious iMessage containing a specially crafted HEIF image. The exploit bypasses Apple’s BlastDoor...

8AI score
Exploits0References2
OSV
OSV
added 2024/11/12 9:15 p.m.1 views

DEBIAN-CVE-2024-11112

Use after free in Media in Google Chrome on Windows prior to 131.0.6778.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.5AI score0.00343EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:10 a.m.2 views

SUSE CVE-2019-13699

Use after free in media in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS8.5AI score0.0108EPSS
Exploits0References8
OSV
OSV
added 2022/12/14 6:15 a.m.2 views

DEBIAN-CVE-2022-4436

Use after free in Blink Media in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS8.2AI score0.00628EPSS
Exploits0References1
OSV
OSV
added 2020/09/21 8:15 p.m.1 views

DEBIAN-CVE-2020-15964

Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS8.6AI score0.02942EPSS
Exploits1References1
Rows per page
Query Builder