Vendor CVEs
All CVEs
11,416 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-10969 | Hig | 0.49 | 7.5 | 0.00 | Jun 4, 2026 | Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-10946 | Hig | 0.49 | 7.5 | 0.00 | Jun 4, 2026 | Heap buffer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-10906 | Hig | 0.49 | 7.5 | 0.00 | Jun 4, 2026 | Use after free in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-10901 | Hig | 0.49 | 7.5 | 0.00 | Jun 4, 2026 | Use after free in Passwords in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) | ||
| CVE-2026-10900 | Hig | 0.49 | 7.5 | 0.00 | Jun 4, 2026 | Use after free in Passwords in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | ||
| CVE-2026-10899 | Hig | 0.49 | 7.5 | 0.00 | Jun 4, 2026 | Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | ||
| CVE-2026-46273 | Hig | 0.49 | 8.6 | 0.00 | Jun 3, 2026 | In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do not support segmentation offload when the MSS is less than 224 bytes. Attempting to send such packets causes the… | ||
| CVE-2026-9990 | Hig | 0.49 | 7.5 | 0.00 | May 28, 2026 | Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9963 | Hig | 0.49 | 7.5 | 0.00 | May 28, 2026 | Uninitialized Use in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9960 | Hig | 0.49 | 7.5 | 0.00 | May 28, 2026 | Integer overflow in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted font file. (Chromium security severity: High) | ||
| CVE-2026-9956 | Hig | 0.49 | 7.5 | 0.00 | May 28, 2026 | Use after free in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9954 | Hig | 0.49 | 7.5 | 0.00 | May 28, 2026 | Use after free in TabStrip in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9934 | Hig | 0.49 | 7.5 | 0.00 | May 28, 2026 | Use after free in Aura in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9933 | Hig | 0.49 | 7.5 | 0.00 | May 28, 2026 | Use after free in Input in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9922 | Hig | 0.49 | 7.5 | 0.00 | May 28, 2026 | Use after free in GPU in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9909 | Hig | 0.49 | 7.5 | 0.00 | May 28, 2026 | Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9901 | Hig | 0.49 | 7.5 | 0.00 | May 28, 2026 | Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-10022 | Hig | 0.49 | 7.5 | 0.00 | May 28, 2026 | Type Confusion in V8 in Google Chrome prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome Extension. (Chromium security severity: Medium) | ||
| CVE-2026-10009 | Hig | 0.49 | 7.5 | 0.00 | May 28, 2026 | Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-10006 | Hig | 0.49 | 7.5 | 0.00 | May 28, 2026 | Race in WebAudio in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-10005 | Hig | 0.49 | 7.5 | 0.00 | May 28, 2026 | Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-10003 | Hig | 0.49 | 7.5 | 0.00 | May 28, 2026 | Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-9123 | Hig | 0.49 | 7.5 | 0.00 | May 20, 2026 | Heap buffer overflow in Chromecast in Google Chrome on Android, Linux, ChromeOS prior to 148.0.7778.179 allowed a local attacker to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: Medium) | ||
| CVE-2026-9117 | Hig | 0.49 | 7.5 | 0.00 | May 20, 2026 | Type Confusion in GFX in Google Chrome on Linux, ChromeOS prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: High) | ||
| CVE-2026-8585 | Hig | 0.49 | 7.5 | 0.00 | May 14, 2026 | Inappropriate implementation in Media in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) | ||
| CVE-2026-8557 | Hig | 0.49 | 7.5 | 0.00 | May 14, 2026 | Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-8547 | Hig | 0.49 | 7.5 | 0.00 | May 14, 2026 | Insufficient policy enforcement in Passwords in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-8521 | Hig | 0.49 | 7.5 | 0.00 | May 14, 2026 | Use after free in Tab Groups in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical) | ||
| CVE-2026-8510 | Hig | 0.49 | 7.5 | 0.00 | May 14, 2026 | Integer overflow in Skia in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) | ||
| CVE-2026-8007 | Hig | 0.49 | 7.5 | 0.00 | May 6, 2026 | Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low) | ||
| CVE-2026-7976 | Hig | 0.49 | 7.5 | 0.00 | May 6, 2026 | Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium) | ||
| CVE-2026-7948 | Hig | 0.49 | 7.5 | 0.00 | May 6, 2026 | Race in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium) | ||
| CVE-2026-7929 | Hig | 0.49 | 7.5 | 0.00 | May 6, 2026 | Use after free in MediaRecording in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-7897 | Hig | 0.49 | 7.5 | 0.00 | May 6, 2026 | Use after free in Mobile in Google Chrome on iOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) | ||
| CVE-2025-71256 | Hig | 0.49 | 7.5 | 0.00 | May 6, 2026 | In nr modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | ||
| CVE-2025-71255 | Hig | 0.49 | 7.5 | 0.00 | May 6, 2026 | In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | ||
| CVE-2025-71254 | Hig | 0.49 | 7.5 | 0.00 | May 6, 2026 | In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | ||
| CVE-2025-71253 | Hig | 0.49 | 7.5 | 0.00 | May 6, 2026 | In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | ||
| CVE-2025-71252 | Hig | 0.49 | 7.5 | 0.00 | May 6, 2026 | In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | ||
| CVE-2025-71251 | Hig | 0.49 | 7.5 | 0.00 | May 6, 2026 | In IMS, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. | ||
| CVE-2026-7357 | Hig | 0.49 | 7.5 | 0.00 | Apr 28, 2026 | Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-7349 | Hig | 0.49 | 7.5 | 0.00 | Apr 28, 2026 | Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: High) | ||
| CVE-2026-7343 | Hig | 0.49 | 7.5 | 0.00 | Apr 28, 2026 | Use after free in Views in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | ||
| CVE-2026-7338 | Hig | 0.49 | 7.5 | 0.00 | Apr 28, 2026 | Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High) | ||
| CVE-2026-6319 | Hig | 0.49 | 7.5 | 0.00 | Apr 15, 2026 | Use after free in Payments in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Medium) | ||
| CVE-2026-6308 | Hig | 0.49 | 7.5 | 0.00 | Apr 15, 2026 | Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-5284 | Hig | 0.49 | 7.5 | 0.00 | Apr 1, 2026 | Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2026-5277 | Hig | 0.49 | 7.5 | 0.00 | Apr 1, 2026 | Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2025-13292 | Hig | 0.49 | — | 0.00 | Dec 6, 2025 | A vulnerability in Apigee-X allowed an attacker to gain unauthorized read and write access to Apigee Analytics (AX) data and access logs belonging to other Apigee customer organizations. Apigee-X was found to be vulnerable. This vulnerability was patched in… | ||
| CVE-2025-13721 | Hig | 0.49 | 7.5 | 0.00 | Dec 2, 2025 | Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
- risk 0.49cvss 7.5epss 0.00
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Heap buffer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Use after free in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Use after free in Passwords in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
- risk 0.49cvss 7.5epss 0.00
Use after free in Passwords in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
- risk 0.49cvss 7.5epss 0.00
Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
- risk 0.49cvss 8.6epss 0.00
In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do not support segmentation offload when the MSS is less than 224 bytes. Attempting to send such packets causes the…
- risk 0.49cvss 7.5epss 0.00
Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Uninitialized Use in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Integer overflow in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted font file. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Use after free in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Use after free in TabStrip in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Use after free in Aura in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Use after free in Input in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Use after free in GPU in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Type Confusion in V8 in Google Chrome prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome Extension. (Chromium security severity: Medium)
- risk 0.49cvss 7.5epss 0.00
Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Race in WebAudio in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Heap buffer overflow in Chromecast in Google Chrome on Android, Linux, ChromeOS prior to 148.0.7778.179 allowed a local attacker to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: Medium)
- risk 0.49cvss 7.5epss 0.00
Type Confusion in GFX in Google Chrome on Linux, ChromeOS prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Inappropriate implementation in Media in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)
- risk 0.49cvss 7.5epss 0.00
Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Insufficient policy enforcement in Passwords in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Use after free in Tab Groups in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)
- risk 0.49cvss 7.5epss 0.00
Integer overflow in Skia in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
- risk 0.49cvss 7.5epss 0.00
Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low)
- risk 0.49cvss 7.5epss 0.00
Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium)
- risk 0.49cvss 7.5epss 0.00
Race in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium)
- risk 0.49cvss 7.5epss 0.00
Use after free in MediaRecording in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Use after free in Mobile in Google Chrome on iOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
- risk 0.49cvss 7.5epss 0.00
In nr modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
- risk 0.49cvss 7.5epss 0.00
In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
- risk 0.49cvss 7.5epss 0.00
In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
- risk 0.49cvss 7.5epss 0.00
In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
- risk 0.49cvss 7.5epss 0.00
In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
- risk 0.49cvss 7.5epss 0.00
In IMS, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
- risk 0.49cvss 7.5epss 0.00
Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Use after free in Views in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
- risk 0.49cvss 7.5epss 0.00
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Use after free in Payments in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Medium)
- risk 0.49cvss 7.5epss 0.00
Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss 7.5epss 0.00
Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
- risk 0.49cvss —epss 0.00
A vulnerability in Apigee-X allowed an attacker to gain unauthorized read and write access to Apigee Analytics (AX) data and access logs belonging to other Apigee customer organizations. Apigee-X was found to be vulnerable. This vulnerability was patched in…
- risk 0.49cvss 7.5epss 0.00
Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Page 96 of 229