Lucene search
K

166 matches found

ATTACKERKB
ATTACKERKB
added 6 days ago7 views

CVE-2026-15120

Use after free in Core in Google Chrome on Windows prior to 150.0.7871.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

6AI score0.00178EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-14391

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to obtain...

5.3CVSS6.2AI score0.00233EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 12:34 a.m.6 views

EUVD-2026-40720

Insufficient policy enforcement in Media in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Low...

5.7AI score0.00263EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-14119

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Type Confusion in Bluetooth in Google Chrome on Windows prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive...

6.5CVSS6.1AI score0.00116EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-14033

Insufficient policy enforcement in Media in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Low...

6.5CVSS0.00263EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.5 views

DEBIAN-CVE-2026-13869

Use after free in Device in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.8AI score0.00316EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.6 views

CVE-2026-14015

Race in WebRTC in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00197EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:38 p.m.21 views

CVE-2026-13925

CVE-2026-13925 concerns an inappropriate implementation in Chrome’s Downloads on Windows, prior to version 150.0.7871.47. The vulnerability enables remote code execution when a user is convinced to perform specific UI gestures on a crafted HTML page. Affected software is Google Chrome (Windows); ...

7.5CVSS6.2AI score0.00354EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-13875

Insufficient validation of untrusted input in GPU in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.00281EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.27 views

CVE-2026-13869

Use after free in Device in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

0.00316EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:37 p.m.26 views

CVE-2026-13794

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

0.00448EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/30 7:8 a.m.5 views

mariadb: Arbitrary shell command execution via improper sanitization in CONNECT engine

A flaw was found in MariaDB server. When the CONNECT engine is installed and REST support is enabled on Windows, a user can exploit improper sanitization of the table HTTP attribute. This attribute is interpolated into the curl command line, allowing for arbitrary shell command execution on the...

9.9CVSS6.1AI score0.00797EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-54413

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the WebAppInstalls component on Windows allows a remote attacker to perform UI spoofing. This occurs when a user is convinced to perform specific UI...

9.6CVSS6AI score0.00448EPSS
Exploits0References449
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.8 views

PT-2026-54335

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in Chromoting allows a local attacker to perform privilege escalation by using a malicious file. Recommendations Update Google Chrome to versi...

9.8CVSS5.9AI score0.00413EPSS
Exploits0References448
OSV
OSV
added 2026/06/11 10:16 p.m.6 views

DEBIAN-CVE-2026-12018

Inappropriate implementation in Mojo in Google Chrome on Windows prior to 149.0.7827.115 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...

8.8CVSS5.3AI score0.0016EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 12:16 a.m.18 views

CVE-2026-11634

Use after free in Gamepad in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS0.00252EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:46 a.m.8 views

SUSE CVE-2026-11058

Integer overflow in CredentialProvider in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform OS-level privilege escalation via a crafted HTML page. Chromium security severity: Medium...

7.5CVSS5.5AI score0.00207EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-11101

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uninitialized Use in Dawn in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromi...

6.5CVSS5.5AI score0.0025EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:4 p.m.8 views

CVE-2026-11056

Insufficient validation of untrusted input in SiteIsolation in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.5AI score0.00234EPSS
Exploits0
CVE
CVE
added 2026/06/04 11:4 p.m.32 views

CVE-2026-11009

CVE-2026-11009 is a use-after-free vulnerability in Chrome’s USB handling on Windows prior to 149.0.7827.53 that could allow a remote attacker to escape the sandbox via a crafted HTML page. The issue is reported for Chromium-based Chrome (severity: Medium) and is treated as a high-severity, high-...

9.6CVSS5.8AI score0.00325EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder