199 matches found
PT-2026-54686
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.46 Description A use after free issue in Skia, a graphics library, allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. A use after free occurs when a program...
DEBIAN-CVE-2026-13885
Use after free in Skia in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
A out-of-bounds read in Skia using Google Chrome before version 146.0.7680.153 allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: High...
Chromium: CVE-2026-11057 Uninitialized Use in Skia
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-11024
Stack buffer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. Chromium security severity: Medium...
Chromium: CVE-2026-9998 Integer overflow in Skia
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
DEBIAN-CVE-2026-9983
Type Confusion in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
UBUNTU-CVE-2026-9923
Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-7949
Out of bounds read in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-7949
Out of bounds read in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-7949
CVE-2026-7949 : Out-of-bounds read in Skia used by Google Chrome before 148.0.7778.96 allows a remote attacker who has compromised the renderer process to leak cross-origin data via a crafted Chrome Extension. Affected: Google Chrome/Skia stack; Root cause: out-of-bounds read in Skia. Impact: pot...
CVE-2026-6364
Out of bounds read in Skia in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted file. Chromium security severity: Medium...
Vulnerabilities fixed in Google Chrome
Google has fixed vulnerabilities in Google Chrome versions before 146.0.7680.75. The vulnerabilities are in Google Chrome's V8 engine and Skia graphics library. The vulnerability in the V8 engine allows a malicious person to execute arbitrary code within the browser's sandboxed environment via a...
Mozilla Thunderbird < 60.4
The version of Thunderbird installed on the remote Windows host is prior to 60.4. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-31 advisory. - A potential vulnerability leading to an integer overflow can occur during buffer size calculations for images when ...
Mozilla Firefox ESR < 60.0.2
The version of Firefox ESR installed on the remote Windows host is prior to 60.0.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2018-14 advisory. - A heap buffer overflow can occur in the Skia library when rasterizing paths using a maliciously crafted SVG file with...
EUVD-2012-2864
Malware in sbrugna...
EUVD-2018-16968
Malware in sbrugna...
EUVD-2018-4345
Malware in sbrugna...
EUVD-2018-16881
Malware in sbrugna...
The vulnerability of the Skia graphic library used by Google Chrome and Microsoft Edge allows attackers to perform cross-site scripting attacks.
The vulnerability of the Skia graphic library in Google Chrome and Microsoft Edge is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks using a specially created HTML page...