90559 matches found
CVE-2026-15778
Insufficient validation of untrusted input in Navigation in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2026-15771
Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2026-15766
Uninitialized Use in Skia in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2026-15770
Uninitialized Use in V8 in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2026-15768
Insufficient policy enforcement in HTML-in-Canvas in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-15768
Insufficient policy enforcement in HTML-in-Canvas in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-15772
Use after free in GPU in Google Chrome on Android prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2026-15764
Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-15764
Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-48253
Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...
CVE-2026-48254
Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...
CVE-2026-48260
Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...
CVE-2026-48261
Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...
CVE-2026-15777
CVE-2026-15777 – Use-after-free in the Chrome UI on Linux prior to 150.0.7871.125 can allow a remote attacker to induce heap corruption by tricking a user into performing specific UI gestures on a crafted HTML page. Affected product: Google Chrome (Linux UI subsystem). Root cause: use-after-free ...
CVE-2026-15778
CVE-2026-15778 affects Google Chrome navigation logic prior to version 150.0.7871.125, due to insufficient validation of untrusted input in Navigation. An attacker who compromises the renderer could bypass navigation restrictions via a crafted HTML page. The issue is addressed in Chrome 150.0.787...
CVE-2026-15774
CVE-2026-15774 is a Use-after-free in Skia affecting Google Chrome prior to 150.0.7871.125. The issue could allow a remote attacker (with renderer access) to escape the Chrome sandbox via a crafted HTML page. Public references show a Chrome security update (Stable Channel) and list this CVE among...
CVE-2026-15775
CVE-2026-15775 affects Google Chrome's V8 under a pre-150.0.7871.125 build. The issue is an inappropriate implementation that allowed a remote attacker to bypass the same-origin policy via a crafted HTML page. Impact is described as high in Chromium notes, with exploitation requiring user interac...
CVE-2026-15775
Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-15770
CVE-2026-15770 affects Google Chrome (V8) prior to 150.0.7871.125. The issue is an uninitialized use in V8 that can allow a remote attacker to read potentially sensitive data from process memory via a crafted HTML page. Impact is confined to information disclosure; no exploit details or in-the-wi...
CVE-2026-48260
Adobe Experience Manager is affected by a DOM-based XSS vulnerability (CVE-2026-48260). The issue allows an attacker to manipulate the DOM to execute malicious JavaScript in the victim’s browser. Exploitation requires user interaction (victim visits a crafted page). CVSS v3.1: AV:N/AC:L/PR:L/UI:R...