Vendor CVEs
All CVEs
11,327 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-9984 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in UI in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9983 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Type Confusion in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9978 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in Glic in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9976 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Inappropriate implementation in USB in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9973 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Out of bounds write in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9969 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9968 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Integer overflow in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9965 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9962 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in WebRTC in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9961 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in SurfaceCapture in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9958 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) | ||
| CVE-2026-9957 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in PDF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High) | ||
| CVE-2026-9952 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in WebAudio in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9947 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in XML in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9945 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in Media in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9941 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9940 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9939 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Heap buffer overflow in WebCodecs in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9938 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Inappropriate implementation in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9928 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Out of bounds read in ANGLE in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9927 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9923 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9910 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Out of bounds memory access in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9897 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9896 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Out of bounds write in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9887 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in Proxy in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted PAC script. (Chromium security severity: Critical) | ||
| CVE-2026-9884 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in Browser in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) | ||
| CVE-2026-9883 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in Base in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) | ||
| CVE-2026-9879 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) | ||
| CVE-2026-9878 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical) | ||
| CVE-2026-9873 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in Network in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical) | ||
| CVE-2026-10021 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Insufficient validation of untrusted input in USB in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Medium) | ||
| CVE-2026-10019 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | ||
| CVE-2026-10016 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-10015 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Integer overflow in WTF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-10013 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in WebCodecs in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-10007 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in SVG in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-10002 | Hig | 0.57 | 8.8 | 0.00 | May 28, 2026 | Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) | ||
| CVE-2026-9126 | Hig | 0.57 | 8.8 | 0.00 | May 20, 2026 | Use after free in DOM in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | ||
| CVE-2026-9121 | Hig | 0.57 | 8.8 | 0.00 | May 20, 2026 | Out of bounds read in GPU in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||
| CVE-2026-9120 | Hig | 0.57 | 8.8 | 0.01 | May 20, 2026 | Use after free in WebRTC in Google Chrome prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9119 | Hig | 0.57 | 8.8 | 0.01 | May 20, 2026 | Heap buffer overflow in WebRTC in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9118 | Hig | 0.57 | 8.8 | 0.00 | May 20, 2026 | Use after free in XR in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9114 | Hig | 0.57 | 8.8 | 0.00 | May 20, 2026 | Use after free in QUIC in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: High) | ||
| CVE-2026-9112 | Hig | 0.57 | 8.8 | 0.00 | May 20, 2026 | Use after free in GPU in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9111 | Hig | 0.57 | 8.8 | 0.01 | May 20, 2026 | Use after free in WebRTC in Google Chrome on Linux prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) | ||
| CVE-2026-8587 | Hig | 0.57 | 8.8 | 0.00 | May 14, 2026 | Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium) | ||
| CVE-2026-8581 | Hig | 0.57 | 8.8 | 0.00 | May 14, 2026 | Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | ||
| CVE-2026-8577 | Hig | 0.57 | 8.8 | 0.00 | May 14, 2026 | Integer overflow in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | ||
| CVE-2026-8558 | Hig | 0.57 | 8.8 | 0.00 | May 14, 2026 | Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
- risk 0.57cvss 8.8epss 0.00
Use after free in UI in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Type Confusion in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in Glic in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Inappropriate implementation in USB in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Out of bounds write in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Integer overflow in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in WebRTC in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in SurfaceCapture in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in PDF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in WebAudio in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in XML in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in Media in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Heap buffer overflow in WebCodecs in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Inappropriate implementation in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Out of bounds read in ANGLE in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Out of bounds memory access in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Out of bounds write in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in Proxy in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted PAC script. (Chromium security severity: Critical)
- risk 0.57cvss 8.8epss 0.00
Use after free in Browser in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
- risk 0.57cvss 8.8epss 0.00
Use after free in Base in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
- risk 0.57cvss 8.8epss 0.00
Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
- risk 0.57cvss 8.8epss 0.00
Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)
- risk 0.57cvss 8.8epss 0.00
Use after free in Network in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)
- risk 0.57cvss 8.8epss 0.00
Insufficient validation of untrusted input in USB in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Medium)
- risk 0.57cvss 8.8epss 0.00
Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
- risk 0.57cvss 8.8epss 0.00
Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Integer overflow in WTF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in WebCodecs in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in SVG in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in DOM in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
- risk 0.57cvss 8.8epss 0.00
Out of bounds read in GPU in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
- risk 0.57cvss 8.8epss 0.01
Use after free in WebRTC in Google Chrome prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.01
Heap buffer overflow in WebRTC in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in XR in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in QUIC in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.00
Use after free in GPU in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.57cvss 8.8epss 0.01
Use after free in WebRTC in Google Chrome on Linux prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
- risk 0.57cvss 8.8epss 0.00
Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium)
- risk 0.57cvss 8.8epss 0.00
Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
- risk 0.57cvss 8.8epss 0.00
Integer overflow in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
- risk 0.57cvss 8.8epss 0.00
Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Page 13 of 227