EUVD-2026-33221

Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

ASB-A-346797131

In ParseTag of dngifd.cpp, there is a possible way to crash the image renderer due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

DEBIAN-CVE-2022-2853

Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...

Internet Bug Bounty: Disabling context isolation, nodeIntegrationInSubFrames using an unauthorised frame.

Details can be found in the following github advisory: https://github.com/electron/electron/security/advisories/GHSA-mq8j-3h7h-p8g7 Impact Using a renderer exploit, context isolation and nodeIntegrationInSubFrames can be disabled, which enables an attacker to leak IPC module and communicate with...

Virtually Unlimited Memory: Escaping the Chrome Sandbox

Posted by Mark Brand, Exploit Technique Archaeologist. Introduction After discovering a collection of possible sandbox escape vulnerabilities in Chrome, it seemed worthwhile to exploit one of these issues as a full-chain exploit together with a renderer vulnerability to get a better understanding...