10 matches found
CVE-2026-2650
Heap buffer overflow in Media in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
The vulnerability of the JavaScript script handler in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code.
The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge relates to type mixing errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created HTML page from a remote location...
SUSE CVE-2023-4360
Inappropriate implementation in Color in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Medium...
The vulnerability in Google Chrome’s developer tools for web developers allows a hacker to execute arbitrary code.
The vulnerability of Google Chrome’s developer tools relates to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page from a remote location...
Ubuntu: Security Advisory (USN-322-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2021-21169
Out of bounds memory access in V8 in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...
UBUNTU-CVE-2021-21141
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page...
DEBIAN-CVE-2020-6436
Use after free in window management in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Code injection
winpm-32.exe in Pegasus Mail aka Pmail v4.72 build 572 allows code execution via a crafted ssgp.dll file that must be installed locally. For example, if ssgp.dll is on the desktop and executes arbitrary code in the DllMain function, then clicking on a mailto: link on a remote web page triggers th...
Cross-site scripting-vulnerability warning-the black bar safety net
What is cross-site scriptingCSS/XSS? We said the cross-site scripting refers to a remote WEB page's html code is inserted with the malicious purpose of the data, the user that the The page is trustworthy, but when the browser downloads the page, the embedded script will be interpreted, Sometimes...