8001 matches found
CVE-2026-9110
Inappropriate implementation in UI in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-9110
Inappropriate implementation in UI in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-9110
The CVE-2026-9110 entry describes an issue in Google Chrome on Windows (pre-148.0.7778.179) where an attacker who has compromised the renderer could abuse an Inappropriate UI implementation to spoof UI via a crafted HTML page. The vulnerability affects the UI layer of Chrome’s renderer, enabling ...
EUVD-2026-31159
Inappropriate implementation in UI in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-9110
Inappropriate implementation in UI in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Critical...
Astra Linux - уязвимость в chromium
In the UI framework of Google Chrome, using “after free” before version 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux - уязвимость в chromium
Before version 104.0.5112.79, using Tab Strip in Google Chrome on Chrome OS allowed a remote attacker who convinced a user to engage in certain user interactions to potentially exploit heap corruption through specific UI interactions...
Astra Linux - уязвимость в chromium
Inappropriate implementation in the Extensions API in Google Chrome prior to 104.0.5112.101 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts into the WebUI through a crafted HTML page...
Astra Linux – Vulnerability in WebKit2GTK
The issue was resolved through improved UI handling. This issue has been fixed in Safari 16, tvOS 16, watchOS 9, and iOS 16. Visiting a website that contains malicious content may lead to UI spoofing...
Astra Linux - уязвимость в chromium
Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted UI interaction. Chromium security severity: Low...
Astra Linux - уязвимость в chromium
Inappropriate implementation in the Extensions API in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the UI via a crafted Chrome Extension. Chromium security severity: Low...
Astra Linux - уязвимость в chromium
Inappropriate implementation in Web API Permission Prompts in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Medium...
Astra Linux - уязвимость в chromium
The use of “after free” in the Side Panel Search in Google Chrome before version 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption through those interactions. Chromium security severity: High...
Astra Linux - уязвимость в chromium
The use of “after free” in Media Capture in Google Chrome before version 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption through those interactions. Chromium security severity: Medium...
Astra Linux - уязвимость в chromium
The use of “after free” in Accessibility in Google Chrome before version 122.0.6261.57 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through specific UI gestures. Chromium security severity: Medium...
Astra Linux - уязвимость в chromium
Inappropriate implementation in Downloads in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted URL. Chromium security severity: Medium...
Astra Linux - уязвимость в chromium
Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an attacker who convinced a user to install a malicious app to perform UI spoofing via a crafted app. Chromium security severity: Medium...
Astra Linux - уязвимость в chromium
Before version 122.0.6261.57, using Accessibility in Google Chrome allowed a remote attacker who convinced a user to perform certain UI gestures to potentially exploit heap corruption through those gestures. Chromium security severity: Medium...
CVE-2025-57798
Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions 3.6.14 and prior contain a Denial of Service DoS vulnerability in the title input functionality due to a lack of proper length validation. This flaw allows an attacker to cause an Ou...
CVE-2025-57798 Joplin has Denial of Service (DoS) via Uncontrolled Resource Allocation through Title Input
Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions 3.6.14 and prior contain a Denial of Service DoS vulnerability in the title input functionality due to a lack of proper length validation. This flaw allows an attacker to cause an Ou...