1059 matches found
CVE-2026-10005
An use after free flaw was found in the WebAppInstalls component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513750089...
Linux Distros Unpatched Vulnerability : CVE-2026-9990
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gesture...
DEBIAN-CVE-2026-9990
Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-9990
Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-9987
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 148.0.7778.216 allowed a local attacker to execute arbitrary code via a malicious file. Chromium security severity: High...
DEBIAN-CVE-2026-9987
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 148.0.7778.216 allowed a local attacker to execute arbitrary code via a malicious file. Chromium security severity: High...
CVE-2026-10005
Google Chrome on macOS is affected by CVE-2026-10005 via a use-after-free in the WebAppInstalls component. The flaw allows a remote attacker to execute arbitrary code if the user is persuaded to perform certain UI gestures on a crafted HTML page; impact is high. A patch exists in Chrome version 1...
CVE-2026-10005
Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2026-9990
CVE-2026-9990 affects Google Chrome on macOS in the WebAppInstalls component. The vulnerability is a use-after-free leading to potential heap corruption when a user is persuaded to perform specific UI gestures on a crafted HTML page. The issue is tied to Chromium code (upstream bug 513128608) and...
CVE-2026-9990
Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-9990
Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-9987
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 148.0.7778.216 allowed a local attacker to execute arbitrary code via a malicious file. Chromium security severity: High...
PT-2026-44698
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue exists in WebAppInstalls on Mac. A remote attacker can potentially exploit heap corruption—a condition where memory allocation on the heap is corrupted—via a...
web-app-security-lab
Vulnerable Web App — Attack & Defend Lab A deliberately-vulne...
Astra Linux – Vulnerability in Chromium
In incorrect security user interfaces of web app installations in Google Chrome on Android before version 90.0.4430.212, an attacker who convinced a user to install a web application could inject scripts or HTML into a privileged page through a crafted HTML page...
CVE-2026-44925
Cross-Site Request Forgery CSRF vulnerability in InfoScale v.9.1.3 Operations Manager VIOM allows an attacker to force the user with an active session into clicking a malicious HTML link, which triggers unintended modifications on VIOM web application without the user's knowledge...
@domoskanonos/nidoca-pwa (>=1.0.1 <=1.0.2) potentially affected by unknown CVE via jest-electron (=0.1.11)
jest-electron NPM version =0.1.11 is affected by a known vulnerability. The following packages have a transitive dependency on jest-electron and may be impacted: - @domoskanonos/nidoca-pwa =1.0.1, =1.0.2 Source cves: unknown CVE Source advisory: SNYK:JS-JESTELECTRON-16754431...
pentest-report-clinic-sangabriel
Penetration Test Report — Clínica San Gabriel Overview Fu...
CoreExploit-Final
CoreExploit 🔐 Ethical Penetration Testing Learning Platfor...
PT-2026-38614
Name of the Vulnerable Software and Affected Versions Cinny versions prior to 4.10.3 Description A remote authenticated attacker who shares a room with a victim and has permissions to create room emotes can cause the victim's client to send their Matrix access token to an attacker-controlled...