JLSEC-2026-441

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical...

Astra Linux - уязвимость в chromium

Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. Chromium security severity: Medium...

Astra Linux - уязвимость в chromium

The incorrect security UI in BFCache in Google Chrome prior to version 116.0.5845.179 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в chromium

The use of “after free” in DNS in Google Chrome before version 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

Astra Linux - уязвимость в chromium

The use of “after free” in the Loader component in Google Chrome before version 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в firefox, thunderbird

Memory safety bugs exist in Firefox 115, Firefox ESR 115.0, and Thunderbird 115.0. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability affects Firefox version...

NewStart CGSL MAIN 6.06 (SP) : libwebp Vulnerability (NS-SA-2026-0031)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has libwebp packages installed that are affected by a vulnerability: - Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a...

EUVD-2025-35866

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSchedule...

EUVD-2025-35869

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formSetEmail...

openSUSE 15 Security Update : opera (openSUSE-SU-2025:0012-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2025:0012-1 advisory. - Update to 116.0.5366.21 CHR-9904 Update Chromium on desktop-stable-131-5366 to 131.0.6778.86 DNA-119581 Crash at views::View::ConvertPointToTarget...

SUSE CVE-2023-4764

Incorrect security UI in BFCache in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious person could exploit the vulnerabilities to circumvent security measures bypass security measures, gain access to system data or execute code execute code in the context of the browser. Successful exploitation requires the malicious party to...

SUSE CVE-2023-4585

Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 117, Firefox ESR...

SUSE CVE-2023-4430

Use after free in Vulkan in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2023-4429

Use after free in Loader in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2023-4431

Out of bounds memory access in Fonts in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser from Google, Inc. and V8 is an open source JavaScript engine. A security vulnerability previously existed in Google Chrome version 116.0.5845.110, which stemmed from an out-of-bounds read issue in the V8 module...

SUSE CVE-2023-4349

Use after free in Device Trust Connectors in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2023-4358

Use after free in DNS in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2023-4364

Inappropriate implementation in Permission Prompts in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Medium...