Filtered by vendor Microsoft
Subscribe
Total
24665 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-7356 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-30 | N/A | 8.8 HIGH |
| Use after free in Navigation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2026-7357 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-30 | N/A | 7.5 HIGH |
| Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2026-7358 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-30 | N/A | 8.8 HIGH |
| Use after free in Animation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2026-7359 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-30 | N/A | 8.8 HIGH |
| Use after free in ANGLE in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2026-7360 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-30 | N/A | 3.1 LOW |
| Insufficient validation of untrusted input. in Compositing in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2026-7361 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-30 | N/A | 8.8 HIGH |
| Use after free in iOS in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | |||||
| CVE-2026-7363 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-30 | N/A | 8.8 HIGH |
| Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical) | |||||
| CVE-2026-7340 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-30 | N/A | 4.3 MEDIUM |
| Integer overflow in ANGLE in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) | |||||
| CVE-2026-7341 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-30 | N/A | 8.8 HIGH |
| Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2026-7342 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-30 | N/A | 8.8 HIGH |
| Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2026-7343 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-30 | N/A | 7.5 HIGH |
| Use after free in Views in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | |||||
| CVE-2026-7344 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-30 | N/A | 8.8 HIGH |
| Use after free in Accessibility in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | |||||
| CVE-2026-7345 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-30 | N/A | 8.3 HIGH |
| Insufficient validation of untrusted input in Feedback in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2026-33822 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2026-04-29 | N/A | 6.1 MEDIUM |
| Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | |||||
| CVE-2026-33114 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2026-04-29 | N/A | 8.4 HIGH |
| Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2026-33095 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2026-04-29 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2026-33115 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2026-04-29 | N/A | 8.4 HIGH |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||
| CVE-2026-32189 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-04-29 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||||
| CVE-2026-32188 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2026-04-29 | N/A | 7.1 HIGH |
| Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | |||||
| CVE-2026-23657 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2026-04-29 | N/A | 7.8 HIGH |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | |||||