Filtered by vendor Google
Subscriptions
Total
15516 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-14934 | 2 Google, Google Cloud | 3 Cloud Platform, Bigquery, Colab Enterprise | 2026-07-13 | N/A |
| A Missing Authorization vulnerability in the repository creation functionality in Google Cloud BigQuery, Dataform and Colab Enterprise, in the versions between October 2025 and May 10th, 2026, on Google Cloud Platform, allows an authenticated attacker to escalate privileges and perform cross-tenant repository takeover. This vulnerability was patched on 10 May 2026, and no customer action is needed. | ||||
| CVE-2026-13793 | 1 Google | 1 Chrome | 2026-07-13 | 6.5 Medium |
| Insufficient policy enforcement in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-13916 | 1 Google | 1 Chrome | 2026-07-13 | 4.3 Medium |
| Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-13962 | 1 Google | 1 Chrome | 2026-07-13 | 6.5 Medium |
| Insufficient data validation in PDF in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-13963 | 1 Google | 1 Chrome | 2026-07-13 | 3.1 Low |
| Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-13966 | 1 Google | 1 Chrome | 2026-07-13 | 4.3 Medium |
| Inappropriate implementation in History in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-13973 | 1 Google | 1 Chrome | 2026-07-13 | 4.2 Medium |
| Inappropriate implementation in UI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-14013 | 1 Google | 1 Chrome | 2026-07-13 | 4.3 Medium |
| Inappropriate implementation in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-14015 | 1 Google | 1 Chrome | 2026-07-13 | 6.5 Medium |
| Race in WebRTC in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-14412 | 1 Google | 1 Chrome | 2026-07-13 | 8.3 High |
| Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-15124 | 1 Google | 1 Chrome | 2026-07-13 | 4.3 Medium |
| Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-0156 | 1 Google | 1 Android | 2026-07-12 | 6.5 Medium |
| In checkSsrcCollisionOnRcv of RtpSession.cpp, there is a possible memory safety issue due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-13813 | 1 Google | 1 Chrome | 2026-07-12 | 8.3 High |
| Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-13828 | 1 Google | 1 Chrome | 2026-07-12 | 6.5 Medium |
| Inappropriate implementation in Enterprise in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-13837 | 1 Google | 1 Chrome | 2026-07-12 | 4.3 Medium |
| Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2026-14075 | 1 Google | 1 Chrome | 2026-07-12 | 4.3 Medium |
| Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass no-referrer policy via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-14155 | 1 Google | 1 Chrome | 2026-07-12 | 6.5 Medium |
| Insufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2026-13922 | 1 Google | 1 Chrome | 2026-07-12 | 6.5 Medium |
| Side-channel information leakage in Paint in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-13960 | 1 Google | 1 Chrome | 2026-07-12 | 4.3 Medium |
| Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2026-14129 | 1 Google | 1 Chrome | 2026-07-12 | 4.2 Medium |
| Inappropriate implementation in PreviewTab in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | ||||