Lucene search
K

299 matches found

EUVD
EUVD
added 5 days ago7 views

EUVD-2026-40589

Insufficient policy enforcement in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00345EPSS
Exploits0References3
OSV
OSV
added 6 days ago2 views

DEBIAN-CVE-2026-13980

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.0023EPSS
Exploits0References1
NVD
NVD
added 6 days ago4 views

CVE-2026-13859

Inappropriate implementation in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS0.0028EPSS
Exploits0References2
NVD
NVD
added 6 days ago6 views

CVE-2026-13845

Use after free in DOM in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00351EPSS
Exploits0References2
OSV
OSV
added 6 days ago2 views

DEBIAN-CVE-2026-13786

Use after free in Ozone in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6.2AI score0.00379EPSS
Exploits0References1
Debian CVE
Debian CVE
added 6 days ago3 views

CVE-2026-13936

Inappropriate implementation in Passwords in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00288EPSS
Exploits0
NVD
NVD
added 2026/06/17 1:20 p.m.9 views

CVE-2026-12450

Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS0.00184EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/08 11:27 p.m.8 views

CVE-2026-11688

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00256EPSS
Exploits0References3Affected Software1
SUSE CVE
SUSE CVE
added 2026/06/07 4:44 a.m.10 views

SUSE CVE-2026-11118

Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6AI score0.00387EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/05 12:31 a.m.9 views

EUVD-2026-34453

Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00274EPSS
Exploits0References3
OSV
OSV
added 2026/06/04 11:17 p.m.8 views

DEBIAN-CVE-2026-11042

Use after free in Views in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.5AI score0.00301EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 11:17 p.m.8 views

CVE-2026-11028

Use after free in Media in Google Chrome on Linux and ChromeOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS0.00361EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 11:4 p.m.33 views

CVE-2026-11106

Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

0.00187EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.6 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Autofill components after their release, which could allow remote attackers to exploit the...

8.3CVSS5.4AI score0.00267EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.7 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of Audio components after their release, which could allow remote attackers to exploit the vulnerabilit...

8.3CVSS5.4AI score0.00267EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/30 9:28 a.m.14 views

EUVD-2026-33453

The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlatlng' and 'nelatlng' parameters in all versions up to, and including, 4.5.5 The parameters are read from $SERVER'QUERYSTRING' via parsestr bypassing WordPress's wpmagicquotes protection, which only covers...

7.5CVSS5.8AI score0.00344EPSS
Exploits0References8
EUVD
EUVD
added 2026/05/29 12:38 a.m.10 views

EUVD-2026-33168

Use after free in Network in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Critical...

6.2AI score0.00301EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.12 views

PT-2026-44660

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue exists in WebAudio, which allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free is a...

9.6CVSS6.2AI score0.00383EPSS
Exploits0References156
ATTACKERKB
ATTACKERKB
added 2026/05/20 7:12 p.m.9 views

CVE-2026-9120

Use after free in WebRTC in Google Chrome prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00501EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/04/21 11:16 p.m.8 views

CVE-2026-40928

WWBN AVideo is an open source video platform. In versions 29.0 and prior, multiple AVideo JSON endpoints under objects/ accept state-changing requests via $REQUEST/$GET and persist changes tied to the caller's session user, without any anti-CSRF token, origin check, or referer check. A malicious...

5.4CVSS0.00115EPSS
Exploits1References2
Rows per page
Query Builder