CVE search results

1 – 10 of 3797 results

Detailed view

Sort by:

CVE-2026-3713

Medium priority

Needs evaluation

A flaw has been found in pnggroup libpng up to 1.6.55. Affected by this vulnerability is the function do_pnm2png of the file contrib/pngminus/pnm2png.c of the component pnm2png. This manipulation of the argument width/height...

5 affected packages

libpng, libpng1.6, firefox, thunderbird, chromium-browser

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
libpng	Not in release	Not in release	—	—
libpng1.6	Not affected	Not affected	Not affected	Not affected
firefox	Not affected	Not affected	—	—
thunderbird	Not affected	Not affected	—	—
chromium-browser	Not affected	Not affected	—	—

CVE-2026-3063

Medium priority

Not affected

Inappropriate implementation in DevTools in Google Chrome prior to 145.0.7632.116 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via DevTools. (Chromium...

1 affected package

chromium-browser

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	Not affected	Not affected	—	—

CVE-2026-3062

Medium priority

Not affected

Out of bounds read and write in Tint in Google Chrome on Mac prior to 145.0.7632.116 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

1 affected package

chromium-browser

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	Not affected	Not affected	—	—

CVE-2026-3061

Medium priority

Not affected

Out of bounds read in Media in Google Chrome prior to 145.0.7632.116 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

1 affected package

chromium-browser

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	Not affected	Not affected	—	—

CVE-2026-2323

Medium priority

Not affected

Inappropriate implementation in Downloads in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

1 affected package

chromium-browser

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	Not affected	Not affected	—	—

CVE-2026-2322

Medium priority

Not affected

Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security...

1 affected package

chromium-browser

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	Not affected	Not affected	—	—

CVE-2026-2321

Medium priority

Not affected

Use after free in Ozone in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security...

1 affected package

chromium-browser

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	Not affected	Not affected	—	—

CVE-2026-2320

Medium priority

Not affected

1 affected package

chromium-browser

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	Not affected	Not affected	—	—

CVE-2026-2319

Medium priority

Not affected

Race in DevTools in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures and install a malicious extension to potentially exploit object corruption via a malicious...

1 affected package

chromium-browser

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	Not affected	Not affected	—	—

CVE-2026-2318

Medium priority

Not affected

Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium...

1 affected package

chromium-browser

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
chromium-browser	Not affected	Not affected	—	—

Export to JSON

Results by page:

Search CVE reports