Lucene search
+L

2231 matches found

SUSE CVE
SUSE CVE
added 2026/05/08 2:26 a.m.11 views

SUSE CVE-2026-7966

Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

3.1CVSS5.7AI score0.00216EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/06 9:31 p.m.8 views

EUVD-2026-27967

Insufficient policy enforcement in Downloads in Google Chrome prior to 148.0.7778.96 allowed a local attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

4.4CVSS5.8AI score0.00119EPSS
Exploits0References3
CVE
CVE
added 2026/05/06 6:13 p.m.38 views

CVE-2026-8009

CVE-2026-8009: Google Chrome prior to 148.0.7778.96 has an Inappropriate implementation in Cast that lets a remote attacker who compromised the renderer bypass navigation restrictions via a crafted HTML page. Affected software is Chrome versions before 148.0.7778.96; the root cause is an incorrec...

5CVSS5.8AI score0.0012EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/06 6:12 p.m.38 views

CVE-2026-7952

Insufficient policy enforcement in Extensions in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass discretionary access control via a crafted HTML page. Chromium security severity: Medium...

0.00172EPSS
Exploits0References2
CVE
CVE
added 2026/05/06 6:12 p.m.22 views

CVE-2026-7948

CVE-2026-7948 affects Google Chrome on Windows, specifically a race condition in Chromoting that could allow local privilege escalation via a malicious file. The issue is reported for Chrome versions prior to 148.0.7778.96. The root cause is described as a race in Chromoting, with impact describe...

7.5CVSS5.8AI score0.00131EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/04/28 10:36 p.m.21 views

CVE-2026-7340

Integer overflow in ANGLE in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.5AI score0.00207EPSS
Exploits0
CVE
CVE
added 2026/04/15 7:4 p.m.40 views

CVE-2026-6364

CVE-2026-6364 is a reported out-of-bounds read in the Google Chrome Skia component, affecting Chrome before version 147.0.7727.101. The CVE description states that an attacker could obtain potentially sensitive information from process memory via a crafted file. Public advisories confirm the issu...

6.5CVSS5.8AI score0.00234EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/04/08 10:16 p.m.3 views

DEBIAN-CVE-2026-5918

Inappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

4.3CVSS8.4AI score0.00158EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/04/08 9:20 p.m.6 views

CVE-2026-5859

Integer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS8.2AI score0.00351EPSS
Exploits0
EUVD
EUVD
added 2026/03/12 12:31 a.m.5 views

EUVD-2026-11472

Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00166EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/03/11 10:4 p.m.17 views

CVE-2026-3942

Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00177EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/03/11 10:4 p.m.7 views

CVE-2026-3940

Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

5.3CVSS5.3AI score0.00163EPSS
Exploits0
Cvelist
Cvelist
added 2026/03/11 10:4 p.m.28 views

CVE-2026-3938

Insufficient policy enforcement in Clipboard in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

0.00171EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/11 10:4 p.m.4 views

CVE-2026-3928

Insufficient policy enforcement in Extensions in Google Chrome prior to 146.0.7680.71 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

5.8AI score0.00123EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/04 7:24 p.m.28 views

CVE-2026-3545

Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00263EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/02/19 12:0 a.m.5 views

openSUSE Security Advisory (SUSE-SU-2026:0568-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.2CVSS5.5AI score0.00755EPSS
Exploits2References12
Positive Technologies
Positive Technologies
added 2026/01/12 12:0 a.m.9 views

PT-2026-3418

Name of the Vulnerable Software and Affected Versions UTT HiPER 810 version 1.7.4-141218 Description A buffer overflow issue exists in the strcpy function within the /goform/setSysAdm file of UTT HiPER 810. Manipulation of the passwd1 argument triggers the overflow. Remote exploitation is possibl...

10CVSS8.5AI score0.00681EPSS
Exploits0References14
OSV
OSV
added 2025/11/18 12:15 a.m.13 views

AZL-70607 CVE-2025-13227 affecting package nodejs 20.14.0-13

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.8AI score0.00244EPSS
Exploits0References1
OSV
OSV
added 2025/11/17 11:15 p.m.8 views

AZL-70553 CVE-2025-13224 affecting package nodejs18 18.20.3-11

Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.8AI score0.00454EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/17 11:3 p.m.7 views

EUVD-2025-197892

Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.5AI score0.00454EPSS
Exploits1References3
Rows per page
Query Builder