Search CVE reports

Toggle filters

31 – 40 of 3796 results

CVE-2026-22695

Medium priority

Some fixes available 7 of 8

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-read in the libpng simplified API...

5 affected packages

libpng, libpng1.6, firefox, chromium-browser, thunderbird

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libpng Not in release Not in release
libpng1.6 Fixed Fixed Fixed Fixed
firefox Not affected Not affected
chromium-browser Not affected Not affected
thunderbird Not affected Not affected
Show less packages

CVE-2025-14174

High priority

Some fixes available 4 of 18

Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

6 affected packages

chromium-browser, webkitgtk, webkit2gtk, qtwebkit-source, qtwebkit-opensource-src, wpewebkit

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Not affected Not affected
webkitgtk Not in release Not in release Ignored
webkit2gtk Fixed Fixed Ignored Ignored
qtwebkit-source Not in release Not in release Ignored
qtwebkit-opensource-src Ignored Ignored Ignored Ignored
wpewebkit Not in release Ignored Ignored
Show less packages

CVE-2025-66293

Medium priority

Some fixes available 7 of 8

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows...

5 affected packages

libpng, firefox, thunderbird, chromium-browser, libpng1.6

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
libpng Not in release Not in release
firefox Not affected Not affected
thunderbird Not affected Not affected
chromium-browser Not affected Not affected
libpng1.6 Fixed Fixed Fixed Fixed
Show less packages

CVE-2025-13992

Medium priority
Not affected

Side-channel information leakage in Navigation and Loading in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security severity: Medium)

1 affected package

chromium-browser

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Not affected Not affected
Show less packages

CVE-2025-13721

Medium priority
Not affected

Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

1 affected package

chromium-browser

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Not affected Not affected
Show less packages

CVE-2025-13720

Medium priority
Not affected

Bad cast in Loader in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

1 affected package

chromium-browser

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Not affected Not affected
Show less packages

CVE-2025-13640

Medium priority
Not affected

Inappropriate implementation in Passwords in Google Chrome prior to 143.0.7499.41 allowed a local attacker to bypass authentication via physical access to the device. (Chromium security severity: Low)

1 affected package

chromium-browser

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Not affected Not affected
Show less packages

CVE-2025-13639

Medium priority
Not affected

Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low)

1 affected package

chromium-browser

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Not affected Not affected
Show less packages

CVE-2025-13638

Medium priority
Not affected

Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)

1 affected package

chromium-browser

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Not affected Not affected
Show less packages

CVE-2025-13637

Medium priority
Not affected

Inappropriate implementation in Downloads in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass download protections via a crafted HTML page. (Chromium...

1 affected package

chromium-browser

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
chromium-browser Not affected Not affected
Show less packages
  1. Previous page
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6
  7. Next page
Export to JSON