63 matches found
CVE-2026-13783
CVE-2026-13783 is a Use-After-Free in Views in Google Chrome affecting versions before 150.0.7871.47. The vulnerability could allow a remote attacker to exploit heap corruption by convincing a user to perform specific UI gestures on a crafted HTML page. Several connected sources (NVD, Debian, EUV...
PT-2026-54273
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description Incorrect security UI in Extensions allows a remote attacker to perform UI spoofing via a crafted HTML page if a user is convinced to engage in specific UI gestures. UI...
CVE-2026-11001
Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
Before version 91.0.4472.114, using "After Free" in Google Chrome allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page and user gestures...
Astra Linux – Vulnerability in Chromium
Using “after free” in DevTools in Google Chrome before version 92.0.4515.107 allowed an attacker who convinced a user to open DevTools to potentially exploit heap corruption through specific user gestures...
CVE-2026-5899
Insufficient policy enforcement in History Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...
CVE-2025-13636
Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. Chromium security severity: Low...
PT-2025-48761
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 143.0.7499.41 Description An improper implementation in the Split View feature allowed a remote attacker to perform UI spoofing. The attacker needed to convince a user to perform specific UI gestures with a...
CVE-2025-12446
Incorrect security UI in SplitView in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. Chromium security severity: Low...
EUVD-2013-0900
Malware in sbrugna...
EUVD-2021-17487
Malware in sbrugna...
EUVD-2021-17476
Malware in sbrugna...
EUVD-2017-14130
Malware in sbrugna...
EUVD-2022-15320
Malicious code in bioql PyPI...
SUSE CVE-2025-0446
Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Low...
SUSE CVE-2024-6999
Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
PT-2024-3638 · Google +4 · Google Chrome +4
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 125.0.6422.60 Description: The issue is related to an inappropriate implementation in the Downloads component of Google Chrome, which allowed a remote attacker to perform UI spoofing via a crafted HTML page. Th...
PT-2024-3928 · Google +6 · Google Chrome +6
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 125.0.6422.141 Microsoft Edge affected versions not specified Description: The issue is related to an out of bounds memory access in the Browser UI, specifically in the Keyboard Inputs component, which could...
SUSE CVE-2013-0888
Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service out-of-bounds read via vectors related to a "user gesture check for dangerous file downloads."...
SUSE CVE-2013-0889
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly enforce a user gesture requirement before proceeding with a file download, which might make it easier for remote attackers to execute arbitrary code via a crafted file...