90 matches found
DEBIAN-CVE-2026-11667
Out of bounds read in WebRTC in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the GPU process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
MiracleLinux 8 : ruby:3.3 (AXSA:2026-769:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-769:01 advisory. erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 Tenable has extracted the preceding description block directly from the...
CVE-2026-11685
Inappropriate implementation in MediaCapture in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
CVE-2026-11667
Out of bounds read in WebRTC in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the GPU process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
PT-2026-47521
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description An inappropriate implementation in the Passwords component allows a remote attacker to leak cross-origin data by using a crafted HTML page. Recommendations Update to version...
SUSE CVE-2026-10906
Use after free in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
EUVD-2026-34392
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
EUVD-2026-34387
Inappropriate implementation in Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2026-10966
Inappropriate implementation in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: High...
CVE-2026-10956
Use after free in MimeHandlerView in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2026-10951
Use after free in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-10969
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: High...
CVE-2026-10954
Use after free in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
PT-2026-46473
Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 149.0.7827.53 Description Insufficient policy enforcement in the Autofill feature allows a remote attacker to leak cross-origin data, which is information from a different domain than the one currently...
PT-2026-46471
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the user interface of Google Chrome on Windows allows a local attacker to achieve privilege escalation by using a malicious file. Recommendations Upda...
SUSE CVE-2026-9922
Use after free in GPU in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2026-9973
Out of bounds write in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
EUVD-2026-33107
Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
EUVD-2026-33093
Use after free in UI in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-10011
Inappropriate implementation in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...