VYPR

rpm package

opensuse/chromium&distro=openSUSE Leap 16.0

pkg:rpm/opensuse/chromium&distro=openSUSE%20Leap%2016.0

Vulnerabilities (353)

  • CVE-2026-5286HigApr 1, 2026
    affected < 146.0.7680.177-bp160.1.1fixed 146.0.7680.177-bp160.1.1

    Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-5285HigApr 1, 2026
    affected < 146.0.7680.177-bp160.1.1fixed 146.0.7680.177-bp160.1.1

    Use after free in WebGL in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-5284HigApr 1, 2026
    affected < 146.0.7680.177-bp160.1.1fixed 146.0.7680.177-bp160.1.1

    Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-5283MedApr 1, 2026
    affected < 146.0.7680.177-bp160.1.1fixed 146.0.7680.177-bp160.1.1

    Inappropriate implementation in ANGLE in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-5282HigApr 1, 2026
    affected < 146.0.7680.177-bp160.1.1fixed 146.0.7680.177-bp160.1.1

    Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-5281HigKEVApr 1, 2026
    affected < 146.0.7680.177-bp160.1.1fixed 146.0.7680.177-bp160.1.1

    Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-5280HigApr 1, 2026
    affected < 146.0.7680.177-bp160.1.1fixed 146.0.7680.177-bp160.1.1

    Use after free in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-5279HigApr 1, 2026
    affected < 146.0.7680.177-bp160.1.1fixed 146.0.7680.177-bp160.1.1

    Object corruption in V8 in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-5278HigApr 1, 2026
    affected < 146.0.7680.177-bp160.1.1fixed 146.0.7680.177-bp160.1.1

    Use after free in Web MIDI in Google Chrome on Android prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-5277HigApr 1, 2026
    affected < 146.0.7680.177-bp160.1.1fixed 146.0.7680.177-bp160.1.1

    Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-5276MedApr 1, 2026
    affected < 146.0.7680.177-bp160.1.1fixed 146.0.7680.177-bp160.1.1

    Insufficient policy enforcement in WebUSB in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-5275HigApr 1, 2026
    affected < 146.0.7680.177-bp160.1.1fixed 146.0.7680.177-bp160.1.1

    Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-5274HigApr 1, 2026
    affected < 146.0.7680.177-bp160.1.1fixed 146.0.7680.177-bp160.1.1

    Integer overflow in Codecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-5273MedApr 1, 2026
    affected < 146.0.7680.177-bp160.1.1fixed 146.0.7680.177-bp160.1.1

    Use after free in CSS in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-5272HigApr 1, 2026
    affected < 146.0.7680.177-bp160.1.1fixed 146.0.7680.177-bp160.1.1

    Heap buffer overflow in GPU in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-4680Mar 24, 2026
    affected < 146.0.7680.164-bp160.1.1fixed 146.0.7680.164-bp160.1.1

    Use after free in FedCM in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-4679Mar 24, 2026
    affected < 146.0.7680.164-bp160.1.1fixed 146.0.7680.164-bp160.1.1

    Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-4678Mar 24, 2026
    affected < 146.0.7680.164-bp160.1.1fixed 146.0.7680.164-bp160.1.1

    Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-4677Mar 24, 2026
    affected < 146.0.7680.164-bp160.1.1fixed 146.0.7680.164-bp160.1.1

    Inappropriate implementation in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-4676Mar 24, 2026
    affected < 146.0.7680.164-bp160.1.1fixed 146.0.7680.164-bp160.1.1

    Use after free in Dawn in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Page 11 of 18