|
91
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Autofill in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
New
|
CWE-416
Use After Free
|
CVE-2026-12020
|
2026-06-13 09:34 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
92
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Race in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. …
New
|
CWE-362
Race Condition
|
CVE-2026-12022
|
2026-06-13 09:33 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
93
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)
New
|
CWE-346
Origin Validation Error
|
CVE-2026-12024
|
2026-06-13 09:27 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
94
|
9.6 |
CRITICAL
Network
|
google
|
chrome
|
Inappropriate implementation in Headless in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a craf…
New
|
CWE-250
CWE-693
Execution with Unnecessary Privileges
Protection Mechanism Failure
|
CVE-2026-12027
|
2026-06-13 09:26 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
95
|
4.6 |
MEDIUM
Network
|
-
|
-
|
Allegra downloadAttachment Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to execute arbitrary script on affected installations of Allegra. User …
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-11443
|
2026-06-13 09:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
96
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Allegra exportReport Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Authe…
New
|
CWE-22
Path Traversal
|
CVE-2026-11442
|
2026-06-13 09:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
97
|
7.8 |
HIGH
Local
|
-
|
-
|
Heap buffer out-of-bounds write vulnerability in Avira Antivirus engine when scanning a malformed POSIX tar archive may allow Local Execution of Code or Denial-of-Service of the antivirus engine proc…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-6676
|
2026-06-13 08:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
98
|
7.4 |
HIGH
Network
|
-
|
-
|
Information disclosure vulnerability in Avira Password Manager when used with Mozilla Firefox may allow a remote attacker operating a cross-origin iframe to obtain credentials autofilled for the pare…
New
|
CWE-669
Incorrect Resource Transfer Between Spheres
|
CVE-2026-12068
|
2026-06-13 08:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
99
|
7.8 |
HIGH
Local
|
-
|
-
|
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process.
This…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2025-9033
|
2026-06-13 08:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
100
|
7.8 |
HIGH
Local
|
-
|
-
|
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2025-9032
|
2026-06-13 08:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
