5836 matches found
Chromium: CVE-2023-4077 Insufficient data validation in Extensions
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Privilege Escalation
chromium is vulnerable to Privilege Escalation. The vulnrability exists due to the insufficient data validation in Installer of the library, which allows an attacker to perform privilege escalation via malliciously crafted symbolic link...
F5 BIG-IP Data Forgery Issue Vulnerability
F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A data forgery issue vulnerability exists in the F5 BIG-IP Edge Client, which stems from the presence of insufficient data...
Microsoft Edge (Chromium) < 114.0.1823.106 / 115.0.1901.200 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 114.0.1823.106 / 115.0.1901.200. It is, therefore, affected by multiple vulnerabilities as referenced in the August 7, 2023 advisory. - Microsoft Edge Chromium-based Security Feature Bypass Vulnerability CVE-2023-38157...
Access Restriction Bypass
chromium is vulnerable to Access Restriction Bypass. The vulnerability exists due to insufficient data validation in DevTools in Google Chrome which allows a remote attacker to bypass content security policy via a crafted HTML page...
Insufficient Data Validation
chromium is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to the insufficient data validation in Extensions, allowing an attacker to convince user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension...
Google Chrome Code Execution Vulnerability (CNVD-2023-63465)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that stems from a data validation deficiency in Extensions. An attacker can exploit this vulnerability to execute arbitrary code on a system or cause an application to crash...
SUSE CVE-2023-4077
Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: Medium...
FreeBSD : chromium -- multiple vulnerabilities (6e4e8e87-9fb8-4e32-9f8e-9b4303f4bfd5)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 6e4e8e87-9fb8-4e32-9f8e-9b4303f4bfd5 advisory. - Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to...
CVE-2023-4077
Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2023-4077
Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: Medium...
Input validation
Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2023-4077
Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2023-4077
CVE-2023-4077 affects Google Chrome (and Chromium-derived browsers) via insufficient data validation in Extensions, allowing a user-driven attacker to inject scripts/HTML into a privileged page through a crafted Chrome Extension. The vulnerability is triggered when a user installs a malicious ext...
CVE-2023-4077
Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2023-4077
Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: Medium...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that stems from a data validation deficiency in Extensions. An attacker can exploit this vulnerability to execute arbitrary code on a system or cause an application to crash...
F5 BIG-IP Edge Client 数据伪造问题漏洞
F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A data forgery issue vulnerability exists in the F5 BIG-IP Edge Client, which stems from the presence of insufficient data...
Stable Channel Update for Desktop
The Stable channel has been updated to 115.0.5790.170 for Mac and Linux and 115.0.5790.170/.171 for Windows, which will roll out over the coming days/weeks. A full list of changes in this build is available in the log. Security Fixes and Rewards Note: Access to bug details and links may be kept...
Google Chrome < 115.0.5790.170 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 115.0.5790.170. It is, therefore, affected by multiple vulnerabilities as referenced in the 202308stable-channel-update-for-desktop advisory. - Inappropriate implementation in Extensions in Google Chrome prior to...