223 matches found
CVE-2026-10510
Cross-Site Scripting XSS in GeniexWebView component in Transsion AI Assistant Lifestyle application com.transsion.aiassistantlifestyle all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted webactiondata URL parameter...
CVE-2026-9888
Use after free in WebView in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-7342
Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-7342
Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
PT-2026-35842
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 147.0.7727.138 Description A use after free issue exists in the WebView component, which allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Use...
KLA91054 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Out of bounds read vulnerability in WebCodecs can be exploited to cause denial of service. 2. Use aft...
CVE-2026-5429
Unsanitized input during web page generation in the Kiro Agent webview in Kiro IDE before version 0.8.140 allows a remote unauthenticated threat actor to execute arbitrary code via a potentially damaging crafted color theme name when a local user opens the workspace. This issue requires the user ...
Notesnook 跨站脚本漏洞
Notesnook is an end-to-end encrypted note application developed by Streetwriters. Versions of Notesnook prior to 3.3.17 contained a cross-site scripting vulnerability. This vulnerability stemmed from stored-cross-site scripting in the mobile sharing or web clipping process. Attackers controlled t...
KLA90963 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in CSS can be exploited to cause denial of service or execute...
Chromium: CVE-2026-3936 Use after free in WebView
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Linux Distros Unpatched Vulnerability : CVE-2026-3936
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML...
Google Chrome < 146.0.7680.71 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 146.0.7680.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 202603stable-channel-update-for-desktop10 advisory. - Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71...
Google Chrome < 146.0.7680.71 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 146.0.7680.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 202603stable-channel-update-for-desktop10 advisory. - Use after free in WebView in Google Chrome on Android prior to 146.0.7680....
CVE-2026-3936
Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
ZOLL ePCR 安全漏洞
ZOLL ePCR is an electronic casualty reporting software developed by ZOLL Corporation in the United States. ZOLL ePCR has a security vulnerability, which stems from uncleaned user inputs being reflected into the WebView, potentially allowing arbitrary local file access...
PT-2026-1549
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 143.0.7499.192 Description Insufficient policy enforcement in the WebView tag allows a remote attacker to inject scripts or HTML into privileged pages via a crafted Chrome extension. This issue can be exploited ...
EUVD-2020-23221
Malware in sbrugna...
EUVD-2015-7671
Malware in sbrugna...
EUVD-2021-2403
Malware in sbrugna...
EUVD-2012-2621
Malware in sbrugna...