Vulnérabilités des apps mobiles
99 entrées
| CVE | Sévérité | KEV | Publié | Description |
|---|---|---|---|---|
| CVE-2026-5281 | HIGH 8.8 | KEV | Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code vi… | |
| CVE-2026-3910 | HIGH 8.8 | KEV | Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted H… | |
| CVE-2026-3909 | HIGH 8.8 | KEV | Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (… | |
| CVE-2026-2441 | HIGH 8.8 | KEV | Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Ch… | |
| CVE-2025-14174 | HIGH 8.8 | KEV | Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a cra… | |
| CVE-2025-13223 | HIGH 8.8 | KEV | Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromi… | |
| CVE-2025-6558 | HIGH 8.8 | KEV | Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox… | |
| CVE-2025-6554 | HIGH 8.1 | KEV | Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium secur… | |
| CVE-2025-5419 | HIGH 8.8 | KEV | Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML … | |
| CVE-2025-2783 | HIGH 8.3 | KEV | Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandb… | |
| CVE-2024-7965 | HIGH 8.8 | KEV | Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML … | |
| CVE-2024-4761 | HIGH 8.8 | KEV | Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. … | |
| CVE-2024-0519 | HIGH 8.8 | KEV | Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML … | |
| CVE-2023-7024 | HIGH 8.8 | KEV | Heap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML pag… | |
| CVE-2023-5217 | HIGH 8.8 | KEV | Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap… | |
| CVE-2023-26369 | HIGH 7.8 | KEV | Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516 (and earlier) and 20.005.30514 (and earlier) are affected by an out-of-bounds write vulnerabil… | |
| CVE-2023-4863 | HIGH 8.8 | KEV | Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write v… | |
| CVE-2023-4762 | HIGH 8.8 | KEV | Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security s… | |
| CVE-2023-35311 | HIGH 8.8 | KEV | Microsoft Outlook Security Feature Bypass Vulnerability | |
| CVE-2023-3079 | HIGH 8.8 | KEV | Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromi… | |
| CVE-2023-2033 | HIGH 8.8 | KEV | Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromi… | |
| CVE-2023-21608 | HIGH 7.8 | KEV | Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerabil… | |
| CVE-2022-26485 | HIGH 8.8 | KEV | Removing an XSLT parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. Th… | |
| CVE-2022-4262 | HIGH 8.8 | KEV | Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromiu… | |
| CVE-2022-3723 | HIGH 8.8 | KEV | Type confusion in V8 in Google Chrome prior to 107.0.5304.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromiu… | |
| CVE-2022-3038 | HIGH 8.8 | KEV | Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML p… | |
| CVE-2022-2294 | HIGH 8.8 | KEV | Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML pag… | |
| CVE-2022-1364 | HIGH 8.8 | KEV | Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2022-1096 | HIGH 8.8 | KEV | Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2022-0609 | HIGH 8.8 | KEV | Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-4102 | HIGH 8.8 | KEV | Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-38003 | HIGH 8.8 | KEV | Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML p… | |
| CVE-2021-42292 | HIGH 7.8 | KEV | Microsoft Excel Security Feature Bypass Vulnerability | |
| CVE-2021-37975 | HIGH 8.8 | KEV | Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-30632 | HIGH 8.8 | KEV | Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-28550 | HIGH 8.8 | KEV | Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Fre… | |
| CVE-2021-30563 | HIGH 8.8 | KEV | Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-30554 | HIGH 8.8 | KEV | Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-30551 | HIGH 8.8 | KEV | Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-21206 | HIGH 8.8 | KEV | Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-21224 | HIGH 8.8 | KEV | Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | |
| CVE-2021-21220 | HIGH 8.8 | KEV | Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a… | |
| CVE-2021-21193 | HIGH 8.8 | KEV | Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-26411 | HIGH 8.8 | KEV | Internet Explorer Memory Corruption Vulnerability | |
| CVE-2021-21166 | HIGH 8.8 | KEV | Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2021-21017 | HIGH 8.8 | KEV | Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based bu… | |
| CVE-2021-21148 | HIGH 8.8 | KEV | Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6572 | HIGH 8.8 | KEV | Use after free in Media in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | |
| CVE-2020-16013 | HIGH 8.8 | KEV | Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML … | |
| CVE-2020-16009 | HIGH 8.8 | KEV | Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML … |