VIR Vulnerability Intelligence Relay

Search

Found 42 results in 140ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-9991 low 3.1 3.1 FIX debian debian google 6d ago Inappropriate implementation in Media in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HT…
CVE-2026-9959 low 3.1 3.1 FIX debian debian google 6d ago Race in WebRTC in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9950 low 3.1 3.1 FIX debian debianmacos macos google 6d ago Insufficient validation of untrusted input in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a…
CVE-2026-9944 low 3.1 3.1 FIX debian debianmacos macos linux-kernel google 6d ago Uninitialized Use in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium sec…
CVE-2026-9920 low 3.1 3.1 FIX debian debian google 6d ago Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chr…
CVE-2026-10011 low 3.1 3.1 FIX debian debian google 6d ago Inappropriate implementation in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Ch…
CVE-2026-8579 low 3.1 3.1 FIX debian debianwindows windows google 20d ago Insufficient validation of untrusted input in Skia in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write…
CVE-2026-8578 low 3.1 3.1 FIX debian debian linux-kernelwindows windows google 20d ago Out of bounds read in GPU in Google Chrome on Linux prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chro…
CVE-2026-8572 low 3.1 3.1 FIX debian debianwindows windows google 20d ago Insufficient policy enforcement in Network in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a craft…
CVE-2026-8568 low 3.1 3.1 FIX debian debianwindows windows google 20d ago Insufficient policy enforcement in AI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass Site Isolation via a crafted HTML page. (Ch…
CVE-2026-8556 low 3.1 3.1 FIX debian debianwindows windows google 20d ago Inappropriate implementation in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HT…
CVE-2026-8554 low 3.1 3.1 FIX debian debianwindows windows google 20d ago Type Confusion in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted H…
CVE-2026-8553 low 3.1 3.1 FIX debian debianwindows windows google 20d ago Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Ch…
CVE-2026-8545 low 3.1 3.1 FIX debian debianmacos macos linux-kernel google 20d ago Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromi…
CVE-2026-8536 low 3.1 3.1 FIX debian debianmacos macoswindows windows google 20d ago Insufficient validation of untrusted input in ReadingMode in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass site Isolation v…
CVE-2026-8022 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 28d ago Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted …
CVE-2026-8017 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 28d ago Side-channel information leakage in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-7968 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 28d ago Insufficient validation of untrusted input in CORS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafte…
CVE-2026-7966 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 28d ago Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a c…
CVE-2026-7965 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 28d ago Insufficient validation of untrusted input in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a craft…
CVE-2026-7959 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 28d ago Inappropriate implementation in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.…
CVE-2026-7954 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 28d ago Race in Shared Storage in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security…
CVE-2026-7949 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 28d ago Out of bounds read in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome Extension. (Chromi…
CVE-2026-7945 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 28d ago Insufficient validation of untrusted input in COOP in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HT…
CVE-2026-7944 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 28d ago Insufficient validation of untrusted input in Persistent Cache in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via …
CVE-2026-7937 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 28d ago Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a c…
CVE-2026-7909 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 28d ago Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML pa…
CVE-2026-7360 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient validation of untrusted input. in Compositing in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a c…
CVE-2026-7351 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Race in MHTML in Google Chrome prior to 147.0.7727.138 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium se…
CVE-2026-6312 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 2mo ago Insufficient policy enforcement in Passwords in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML p…
CVE-2017-5081 low 3.3 3.3 FIX arch arch rhelmacos macos google 9y ago multiple issues in chromium
CVE-2016-5166 low 3.1 3.1 suse suse google 10y ago The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// …
CVE-2015-4000 low 3.7 4.7 EXPFIX slesdebian debianmacos macos opensslibmoracle 11y ago The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to c…
CVE-2014-6160 low 2.1 ibmgoogle 12y ago IBM WebSphere Service Registry and Repository (WSRR) 8.5 before 8.5.0.1, when Chrome and WebSEAL are used, does not properly process ServiceRegistryDashboard logout actions, which allows remote attac…
CVE-2012-6140 low 1.9 FIX debian debian google 13y ago pam_google_authenticator.c in the PAM module in Google Authenticator before 1.0 requires user-readable permissions for the secret file, which allows local users to bypass intended access restrictions…
CVE-2012-5564 low 3.3 debian debian google 14y ago android-tools 4.1.1 in Android Debug Bridge (ADB) allows local users to overwrite arbitrary files via a symlink attack on /tmp/adb.log.
CVE-2012-4930 low 2.6 googlemozilla 14y ago The SPDY protocol 3 and earlier, as used in Mozilla Firefox, Google Chrome, and other products, can perform TLS encryption of compressed data without properly obfuscating the length of the unencrypte…
CVE-2012-4929 low 2.6 FIX debian debian googlemozilla 14y ago The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which…
CVE-2012-4676 low 1.2 google 14y ago The errorExitIfAttackViaString function in Tunnelblick 3.3beta20 and earlier allows local users to delete arbitrary files by constructing a (1) symlink or (2) hard link, a different vulnerability tha…
CVE-2012-3487 low 1.2 google 14y ago Race condition in Tunnelblick 3.3beta20 and earlier allows local users to kill unintended processes by waiting for a specific PID value to be assigned to a target process.
CVE-2011-2784 low 2.1 google 15y ago Google Chrome before 13.0.782.107 allows remote attackers to obtain sensitive information via a request for the GL program log, which reveals a local path in an unspecified log entry.
CVE-2010-0650 low 2.6 ubuntu ubuntu googleapple 17y ago WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, allows remote attackers to bypass intended restrictions on popup windows via crafted use of a mouse click event.