2231 matches found
SUSE CVE-2026-7966
Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-27967
Insufficient policy enforcement in Downloads in Google Chrome prior to 148.0.7778.96 allowed a local attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-8009
CVE-2026-8009: Google Chrome prior to 148.0.7778.96 has an Inappropriate implementation in Cast that lets a remote attacker who compromised the renderer bypass navigation restrictions via a crafted HTML page. Affected software is Chrome versions before 148.0.7778.96; the root cause is an incorrec...
CVE-2026-7952
Insufficient policy enforcement in Extensions in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass discretionary access control via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-7948
CVE-2026-7948 affects Google Chrome on Windows, specifically a race condition in Chromoting that could allow local privilege escalation via a malicious file. The issue is reported for Chrome versions prior to 148.0.7778.96. The root cause is described as a race in Chromoting, with impact describe...
CVE-2026-7340
Integer overflow in ANGLE in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-6364
CVE-2026-6364 is a reported out-of-bounds read in the Google Chrome Skia component, affecting Chrome before version 147.0.7727.101. The CVE description states that an attacker could obtain potentially sensitive information from process memory via a crafted file. Public advisories confirm the issu...
DEBIAN-CVE-2026-5918
Inappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-5859
Integer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...
EUVD-2026-11472
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2026-3942
Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-3940
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2026-3938
Insufficient policy enforcement in Clipboard in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-3928
Insufficient policy enforcement in Extensions in Google Chrome prior to 146.0.7680.71 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-3545
Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
openSUSE Security Advisory (SUSE-SU-2026:0568-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2026-3418
Name of the Vulnerable Software and Affected Versions UTT HiPER 810 version 1.7.4-141218 Description A buffer overflow issue exists in the strcpy function within the /goform/setSysAdm file of UTT HiPER 810. Manipulation of the passwd1 argument triggers the overflow. Remote exploitation is possibl...
AZL-70607 CVE-2025-13227 affecting package nodejs 20.14.0-13
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
AZL-70553 CVE-2025-13224 affecting package nodejs18 18.20.3-11
Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
EUVD-2025-197892
Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...