|
2071
|
5.5 |
MEDIUM
Local
|
avahi
|
avahi
|
Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to version 0.9-rc4, any unprivileged local user can crash avahi-daemon by sending a …
|
CWE-617
Reachable Assertion
|
CVE-2026-34933
|
2026-04-14 02:26 |
2026-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2072
|
9.8 |
CRITICAL
Network
|
capricorn86
|
happy_dom
|
Happy DOM is a JavaScript implementation of a web browser without its graphical user interface. In versions 15.10.0 through 20.8.7, a code injection vulnerability in `ECMAScriptModuleCompiler` allows…
|
CWE-94
Code Injection
|
CVE-2026-33943
|
2026-04-14 02:24 |
2026-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2073
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-5858
|
2026-04-14 02:24 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2074
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Integer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-5859
|
2026-04-14 02:23 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2075
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-5860
|
2026-04-14 02:23 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2076
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-5861
|
2026-04-14 02:23 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2077
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H…
|
NVD-CWE-noinfo
|
CVE-2026-5862
|
2026-04-14 02:23 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2078
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H…
|
NVD-CWE-noinfo
|
CVE-2026-5863
|
2026-04-14 02:23 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2079
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-843
Type Confusion
|
CVE-2026-5865
|
2026-04-14 02:21 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2080
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-5866
|
2026-04-14 02:20 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
