27 matches found
Chromium: CVE-2026-13856 Insufficient validation of untrusted input in Speech
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
DEBIAN-CVE-2026-14150
Insufficient validation of untrusted input in Speech in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-13856
Insufficient validation of untrusted input in Speech in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2026-13856
Insufficient validation of untrusted input in Speech in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-14150
Insufficient validation of untrusted input in Speech in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-13856
Insufficient validation of untrusted input in Speech in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13856
Insufficient validation of untrusted input in Speech in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
PT-2026-54133
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the Speech component allows a remote attacker who has already compromised the renderer process to perform privilege escalation b...
EUVD-2011-2760
Malware in sbrugna...
SUSE CVE-2013-6621
Use-after-free vulnerability in Google Chrome before 31.0.1650.48 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the x-webkit-speech attribute in a text INPUT element...
SUSE CVE-2013-6645
Use-after-free vulnerability in the OnWindowRemovingFromRootWindow function in content/browser/webcontents/webcontentsviewaura.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows user-assisted remote attackers to cause a denial of service or...
openSUSE Security Update : chromium (openSUSE-SU-2014:0243-1)
Chromium was updated to version 32.0.1700.102: Stable channel update : - Security Fixes : - CVE-2013-6649: Use-after-free in SVG images - CVE-2013-6650: Memory corruption in V8 - and 12 other fixes - Other : - Mouse Pointer disappears after exiting full-screen mode - Drag and drop files into...
SuSE Update for chromium openSUSE-SU-2014:0243-1 (chromium)
Check for the Version of chromium OpenVAS Vulnerability Test $Id: gbsuse201402431.nasl 8044 2017-12-08 08:32:49Z santu $ SuSE Update for chromium openSUSE-SU-2014:0243-1 chromium Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This...
Debian DSA-2862-1 : chromium-browser - several vulnerabilities
Several vulnerabilities have been discovered in the chromium web browser. - CVE-2013-6641 Atte Kettunen discovered a use-after-free issue in Blink/Webkit form elements. - CVE-2013-6643 Joao Lucas Melo Brasio discovered a Google account information disclosure issue related to the one-click sign-on...
DSA-2862-1 chromium-browser - several
Bulletin has no description...
Updated chromium-browser-stable package fixes multiple vulnerabilities
Use-after-free related to forms CVE-2013-6641. Unprompted sync with an attackers Google account CVE-2013-6643. Various fixes from internal audits, fuzzing and other initiatives CVE-2013-6644. Use-after-free related to speech input elements CVE-2013-6645. Use-after-free in web workers CVE-2013-664...
Design/Logic Flaw
Use-after-free vulnerability in the OnWindowRemovingFromRootWindow function in content/browser/webcontents/webcontentsviewaura.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows user-assisted remote attackers to cause a denial of service or...
CVE-2013-6645
Use-after-free vulnerability in the OnWindowRemovingFromRootWindow function in content/browser/webcontents/webcontentsviewaura.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows user-assisted remote attackers to cause a denial of service or...
CVE-2013-6645
Use-after-free vulnerability in the OnWindowRemovingFromRootWindow function in content/browser/webcontents/webcontentsviewaura.cc in Google Chrome before 32.0.1700.76 on Windows and before 32.0.1700.77 on Mac OS X and Linux allows user-assisted remote attackers to cause a denial of service or...
CVE-2013-6645
CVE-2013-6645 is a use-after-free in Chromium’s OnWindowRemovingFromRootWindow (web_contents_view_aura.cc) that can allow user-assisted remote denial of service via speech-input related vectors. Public references show Chromium/Chromium-based browsers were fixed in updates: openSUSE notes Chromium...