Search
1,463 CVEs
CVEs (1,463, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 476–500 of 1,463 (capped at 500)
| CVE ID | Severity ↓ | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-11295 | HIGH | Patched | 8.8 | 2026-06-05 | Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform privilege escalation via a crafted HTML page… |
| CVE-2026-11296 | HIGH | 7.5 | 2026-06-05 | Inappropriate implementation in ImageCapture in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege… | |
| CVE-2026-11297 | HIGH | Patched | 7.7 | 2026-06-05 | Insufficient validation of untrusted input in Reader Mode in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to bypass navigation restrictions via … |
| CVE-2026-11301 | HIGH | Patched | 8.8 | 2026-06-05 | Inappropriate implementation in LiveCaption in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via malicio… |
| CVE-2026-11279 | HIGH | 8.8 | 2026-06-05 | Out of bounds read in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromi… | |
| CVE-2026-11272 | HIGH | 8.8 | 2026-06-05 | Insufficient validation of untrusted input in Reading List in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specif… | |
| CVE-2026-11265 | HIGH | Patched | 7.5 | 2026-06-05 | Inappropriate implementation in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium secu… |
| CVE-2026-11269 | HIGH | Patched | 7.1 | 2026-06-05 | Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker in a privileged network position to execute arbitrary code inside a s… |
| CVE-2026-11255 | HIGH | Patched | 7.5 | 2026-06-05 | Insufficient validation of untrusted input in Storage Access API in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process … |
| CVE-2026-11256 | HIGH | Patched | 8.3 | 2026-06-05 | Integer overflow in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape v… |
| CVE-2026-11262 | HIGH | Patched | 8.8 | 2026-06-05 | Use after free in TabStrip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low) |
| CVE-2026-11248 | HIGH | Patched | 8.8 | 2026-06-05 | Inappropriate implementation in Google Lens in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Ch… |
| CVE-2026-11239 | HIGH | Patched | 7.5 | 2026-06-05 | Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege e… |
| CVE-2026-11241 | HIGH | Patched | 8.0 | 2026-06-05 | Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to perform privilege escalation … |
| CVE-2026-11242 | HIGH | Patched | 7.5 | 2026-06-05 | Insufficient validation of untrusted input in Plugins in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cro… |
| CVE-2026-10877 | HIGH | 7.3 | 2026-06-05 | A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System up to 1.0. This impacts an unknown function of the file /admin/login.php o… | |
| CVE-2026-10586 | HIGH | 7.2 | 2026-06-05 | The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and i… | |
| CVE-2026-45497 | HIGH | 7.7 | 2026-06-04 | Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an authorized attacker to execute code over a network. | |
| CVE-2026-11235 | HIGH | 8.8 | 2026-06-04 | Insufficient policy enforcement in Compositing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitra… | |
| CVE-2026-11236 | HIGH | 8.3 | 2026-06-04 | Insufficient policy enforcement in Web Bluetooth in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially p… | |
| CVE-2026-11237 | HIGH | 8.3 | 2026-06-04 | Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI… | |
| CVE-2026-20245 | HIGH | Patched | 7.8 | 2026-06-04 | A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local attacker to execute arbitrary commands as root by … |
| CVE-2026-11224 | HIGH | Patched | 8.1 | 2026-06-04 | Use after free in Chromoting in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium s… |
| CVE-2026-11230 | HIGH | 8.8 | 2026-06-04 | Use after free in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium… | |
| CVE-2026-11231 | HIGH | Patched | 8.1 | 2026-06-04 | Inappropriate implementation in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a malicious file. (Chro… |