1057 matches found
CVE-2026-13841
Integer overflow in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-13834
The CVE-2026-13834 entry documents an issue in ANGLE used by Google Chrome before version 150.0.7871.47, where insufficient validation of untrusted input allowed a renderer-compromised attacker to potentially escape the sandbox via a crafted HTML page. The vulnerability is tied to the ANGLE compo...
CVE-2026-13782
Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-13281
Integer overflow in Mojo in Google Chrome prior to 149.0.7827.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...
EUVD-2026-39040
Race in DevTools in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-13025
CVE-2026-13025 describes a race in DevTools of Google Chrome prior to 149.0.7827.197 that could allow a remote attacker, who already compromised the renderer process, to potentially escape the sandbox via a crafted HTML page. The issue is rated High (CVSS v3.1: AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H...
Astra Linux – Vulnerability in Chromium
Before version 94.0.4606.61, using "use after free" in Portals within Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
The use of “after free” in QUIC in Google Chrome before version 124.0.6367.60 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
Before version 94.0.4606.54, using the "after free" mechanism in Performance Manager in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in History in Google Chrome prior to version 90.0.4430.212 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
The use of after free in Passwords in Google Chrome before version 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted UI interaction. Chromium security severity: Low...
Astra Linux – Vulnerability in Chromium
Before version 90.0.4430.72, using "use after free" in permissions in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page. Chromium security severity: Low...
Astra Linux – Vulnerability in Chromium
Before version 103.0.5060.53, using "use after free" in Interest groups in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...
EUVD-2026-37547
Use after free in Media in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2026-12460
Insufficient policy enforcement in File System Access in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted PDF file. Chromium security severity: High...
CVE-2026-12465
Object lifecycle issue in Metrics in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-12464
Use after free in Browser in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-12463
Inappropriate implementation in Views in Google Chrome on Linux prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...