2593 matches found
Chromium: CVE-2026-12455 Use after free in Tab Strip
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: SELinux: The use of both GFPKERNEL and GFPATOMIC in convertcontext was enabled. The following warning was triggered in a hardware environment: SELinux: Converting 162 SID table entries... BUG: The sleeping function was called...
Astra Linux – Vulnerability in Chromium
Before version 94.0.4606.54, using Tab Strip with free resources in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Insufficient data validation in the New Tab Page of Google Chrome prior to 95.0.4638.69 allowed a remote attacker to inject arbitrary scripts or HTML into a new browser tab through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
In Google Chrome, out-of-bounds read operations in tab groups were allowed before version 90.0.4430.212. This enabled an attacker who convinced a user to install a malicious extension to perform an out-of-bounds memory read through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Before version 89.0.4389.72, using the "tab search" function in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Before version 98.0.4758.80, using the "After Free" feature in the Thumbnail Tab Strip in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in the Tab Groups component of Google Chrome prior to version 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and induced specific user interactions to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
The use of Tab Strip with free software in Google Chrome before version 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a specific set of user gestures...
Astra Linux – Vulnerability in Chromium
Before version 104.0.5112.79, using Tab Strip in Google Chrome on Chrome OS allowed a remote attacker who convinced a user to engage in certain user interactions to potentially exploit heap corruption through specific UI interactions...
Astra Linux – Vulnerability in Chromium
Before version 115.0.5790.98, using tab groups with free in Google Chrome allowed a remote attacker who convinced a user to perform certain UI interactions to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Before version 99.0.4844.74, using “After Free” in the New Tab page in Google Chrome allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through specific user interactions...
Astra Linux – Vulnerability in Chromium
Before version 100.0.4896.88, using tab groups in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
The use of tab groups for temporary files in Google Chrome before version 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted Chrome Extension and specific user interactions...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: kdb: Buffer overflow issue during “tab-complete” operation has been fixed. Currently, when a user attempts symbol completion using the Tab key, kdb uses strncpy to insert the completed symbol into the command buffer. Unfortunatel...
Astra Linux – Vulnerability in Firefox
A race condition involving requestPointerLock and setTimeout could have allowed a user to interact with one tab while believing they were on a different tab. Combined with certain elements such as , this could lead to an attack where the user became confused about the origin of the webpage and...
Astra Linux – Vulnerability in Chromium
Using “after free” in the Tab Strip in Google Chrome before version 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Firefox
GNOME was leaking browser tab titles into system logs. This could potentially expose users’ browsing habits when they are using private tabs. This vulnerability affects Firefox versions earlier than 121...
CVE-2026-12455
An use after free flaw was found in the Tab Strip component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517069848...
CVE-2026-53437
A flaw was found in Jenkins. This vulnerability allows a remote attacker to perform phishing attacks by crafting a malicious redirect URL. The flaw occurs because Jenkins improperly validates redirect URLs after login, specifically when tab or newline characters are present between the // in the...