Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.8 views

CVE-2026-8570

Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.0025EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.7 views

CVE-2026-8571

Insufficient policy enforcement in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS5.8AI score0.00214EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.9 views

CVE-2026-8552

Heap buffer overflow in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

4.3CVSS6AI score0.00195EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.8 views

CVE-2026-8577

Integer overflow in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.3AI score0.00252EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.7 views

CVE-2026-8568

Insufficient policy enforcement in AI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass Site Isolation via a crafted HTML page. Chromium security severity: Medium...

3.1CVSS5.8AI score0.00174EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.8 views

CVE-2026-8560

Heap buffer overflow in SwiftShader in Google Chrome on Mac and iOS prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6AI score0.00251EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.7 views

CVE-2026-8548

Out of bounds write in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00207EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.9 views

CVE-2026-8558

Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.12 views

CVE-2026-8517

Object lifecycle issue in WebShare in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6.2AI score0.00498EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.11 views

CVE-2026-8521

Use after free in Tab Groups in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

7.5CVSS6.2AI score0.00157EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.11 views

CVE-2026-8545

Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.8AI score0.00161EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.8 views

CVE-2026-8583

Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.00179EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.12 views

CVE-2026-8561

Incorrect security UI in Fullscreen in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS5.8AI score0.00184EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.7 views

CVE-2026-8542

Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00207EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.8 views

CVE-2026-8519

Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS5.9AI score0.00234EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.6 views

CVE-2026-8512

Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00207EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.8 views

CVE-2026-8550

Use after free in Google Lens in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.8AI score0.00229EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.8 views

CVE-2026-8520

Race in Payments in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00166EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.9 views

CVE-2026-8555

Use after free in GTK in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.10 views

CVE-2026-43907

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed integer overflow in QueryRGBBufferSizeInternal in DPXColorConverter.cpp leads to a heap-based out-of-bounds write when...

8.3CVSS6.6AI score0.0037EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.9 views

CVE-2026-8562

Side-channel information leakage in Navigation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00187EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.6 views

CVE-2026-8551

Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.8 views

CVE-2026-43905

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, jpeg2000input.cpp:395 computes buffer size as const int bufsize = w h ch bufferbpp using signed 32-bit arithmetic. When the product...

7.8CVSS5.9AI score0.00173EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.8 views

CVE-2026-8541

Out of bounds read in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS5.8AI score0.00205EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.10 views

CVE-2026-8565

Inappropriate implementation in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

4.7CVSS5.8AI score0.00134EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.7 views

CVE-2026-8533

Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00207EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.6 views

CVE-2026-8567

Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.9AI score0.00183EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.10 views

CVE-2026-8546

Out of bounds read in GPU in Google Chrome on Mac and Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS5.8AI score0.00205EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.7 views

CVE-2026-8525

Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS6AI score0.00229EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.7 views

CVE-2026-8535

Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted JPEG file. Chromium security severity: High...

5.3CVSS5.8AI score0.00189EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.7 views

CVE-2026-8547

Insufficient policy enforcement in Passwords in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.8AI score0.00257EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.10 views

CVE-2026-8564

Incorrect security UI in Downloads in Google Chrome on Android and Mac prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS5.8AI score0.00163EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.8 views

CVE-2026-8549

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.12 views

CVE-2026-8529

Heap buffer overflow in Codecs in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. Chromium security severity: High...

8.8CVSS6.4AI score0.00301EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.9 views

CVE-2026-8522

Use after free in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.9 views

CVE-2026-8566

Insufficient policy enforcement in Payments in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00182EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.10 views

CVE-2026-8559

Integer overflow in Internationalization in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.9AI score0.00176EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.10 views

CVE-2026-44637

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a signed integer overflow in the SIXEL parser's image-buffer doubling loop can lead to an out-of-bounds heap write in sixeldecoderawimpl. context-posx grows by repeatcount on every sixel character wit...

7.1CVSS6AI score0.0016EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.7 views

CVE-2026-8544

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.7 views

CVE-2026-8572

Insufficient policy enforcement in Network in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

3.1CVSS5.8AI score0.0016EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.6 views

CVE-2026-8554

Type Confusion in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.8AI score0.00172EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.12 views

CVE-2026-44636

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixelencodehighcolor's allocation size calculation can lead to a heap buffer overflow. The public sixelencode entry point validates only that width and height are greater th...

7.8CVSS6.2AI score0.00104EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.8 views

CVE-2026-8511

Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.00234EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.7 views

CVE-2026-8528

Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass Site Isolation via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00196EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.8 views

CVE-2026-8536

Insufficient validation of untrusted input in ReadingMode in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass site Isolation via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.8AI score0.00186EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.14 views

CVE-2026-43909

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in the loop index expression i 4 inside SwapRGBABytes causes the function to compute a large negative...

8.8CVSS5.9AI score0.00371EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.12 views

CVE-2026-43908

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed 32-bit integer overflow in the pixel-loop index expression i 3 inside ConvertCbYCrYToRGB causes the function to compute a larg...

8.8CVSS5.9AI score0.00371EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.9 views

CVE-2026-8513

Use after free in Input in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00207EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.9 views

CVE-2026-8532

Integer overflow in XML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.3AI score0.0028EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/05/14 8:17 p.m.10 views

CVE-2026-43904

OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, softimageinput.cpp:469 mixed RLE and :345 pure RLE do not clamp the run length to remaining scanline width before writing pixels. The r...

8.4CVSS5.8AI score0.00173EPSS
Exploits1References2
Total number of security vulnerabilities68528