1740 matches found
CVE-2026-10948
CVE-2026-10948 describes a use-after-free in WebRTC affecting Google Chrome up to 149.0.7827.53 . The vulnerability allows a remote attacker to execute arbitrary code inside Chrome’s sandbox via a crafted HTML page. The impact is described as high severity with possible full compromise of the san...
CVE-2026-10905
Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-10889
Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-10886
Use after free in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-10885
Use after free in Chrome for iOS: Google Chrome on iOS prior to 149.0.7827.53 allows remote code execution via a crafted HTML page. The issue in Chrome for iOS is confirmed in multiple sources (CVE-2026-10885). The Chrome 149 stability release includes this fix (149.0.7827.53) across desktop and ...
PT-2026-46766
Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
PT-2026-46453
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in Chromecast allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape. This is achieved through the use of a crafte...
Google Chrome 缓冲区错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a buffer overflow vulnerability. This vulnerability stemmed from an out-of-bounds read in the WebRTC component, which could allow remote attackers to extract sensitive information fr...
webkitgtk: A maliciously crafted webpage may be able to fingerprint the user
A flaw was found in WebKitGTK. A maliciously crafted web page can cause an authorization issue due to improper state management and may be able to fingerprint the user...
TRENDnet TEW-432BRP 安全漏洞
TRENDnet TEW-432BRP is a dual-band wireless router produced by TRENDnet Corporation. Version 3.10B20 of TRENDnet TEW-432BRP has a security vulnerability. This vulnerability stems from a parameter in the function formSetWlanEncrypt, specifically webpage, which causes a stack buffer overflow. This...
TRENDnet TEW-432BRP 安全漏洞
TRENDnet TEW-432BRP is a dual-band wireless router produced by TRENDnet Corporation. Version 3.10B20 of TRENDnet TEW-432BRP has a security vulnerability. This vulnerability stems from an issue with the formSetPassword function in the file/goform/formSetPassword, where the webpage operation in the...
CVE-2026-10192
creationtimestamp| type| source ---|---|--- 2026-05-30 17:04:12+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116664608498253097 2026-05-31 19:04:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mn6b26y72e2s 2026-05-31 23:04:21+00:00| seen|...
SUSE CVE-2026-9927
Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
PraisonAI has an Arbitrary File Write in Python API
Bug Report: Arbitrary File Write in Python API Summary Hidden metadata in a webpage causes PraisonAI agents to write attacker-controlled content to arbitrary paths. writefile skips path validation when workspace=None always None in production. Affected PraisonAI outputfile: /tmp/flag.txt...
EUVD-2026-33160
Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
ROS-20260529-73-0010
The vulnerability of JavaScript script handlers in Mozilla Firefox, Firefox ESR, and the email client Thunderbird lies in the issue of writing beyond the buffer boundaries in memory during the processing of Promise objects. Exploiting this vulnerability allows a malicious actor to execute arbitra...
CVE-2026-9970
Use after free in WebGL in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-9912
Inappropriate implementation in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
CVE-2026-9906
Out of bounds write in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-9902
Use after free in Accessibility in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...