CVE-2026-11270

Inappropriate implementation in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

PT-2026-46471

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the user interface of Google Chrome on Windows allows a local attacker to achieve privilege escalation by using a malicious file. Recommendations Upda...

Chromium: CVE-2026-9110 Inappropriate implementation in UI

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Unspecified Vulnerability in Google Chrome (CNVD-2024-39250)

Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Google Chrome versions prior to 124.0.6367.60, which stems from an improper UI implementation and can be exploited by remote attackers to perform UI spoofing via specific UI gestures...

CVE-2024-7019

Inappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-7019

Inappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-7019

CVE-2024-7019 describes an insecure UI implementation in Google Chrome (Chromium-based) before 124.0.6367.60, where a remote attacker could induce UI spoofing via a crafted HTML page if the user performs specific UI gestures. The evidence across connected sources consistently references the same ...

CVE-2024-7019

Inappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-8909

Inappropriate implementation in UI in Google Chrome on iOS prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

Spoofing

A content spoofing vulnerability in the following components allows to render html pages containing arbitrary plain text content, which might fool an end user: UI add-on for SAP NetWeaver UIInfra, 1.0, SAP UI Implementation for Decoupled Innovations UI700, 2.0: SAP NetWeaver 7.00 Implementation,...

CVE-2018-2434

CVE-2018-2434 describes a content-spoofing vulnerability in SAP UI components (UI_Infra 1.0, UI_700 2.0; SAP_UI 7.4/7.5/7.51/7.52) used with SAP NetWeaver 7.00. The issue allows rendering HTML pages containing arbitrary plain text content, potentially misleading end users, but does not allow embe...

CVE-2014-7941

The SelectionOwner::ProcessTarget function in ui/base/x/selectionowner.cc in the UI implementation in Google Chrome before 40.0.2214.91 uses an incorrect data type for a certain length value, which allows remote attackers to cause a denial of service out-of-bounds read via crafted X11 data...