5836 matches found
CVE-2019-5864
Insufficient data validation in CORS in Google Chrome prior to 76.0.3809.87 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension...
CVE-2019-13718
Insufficient data validation in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...
CVE-2019-13718
CVE-2019-13718 corresponds to a Chrome/Chromium IDN spoofing flaw in Omnibox caused by insufficient validation of internationalized domain names (IDN homographs) in versions prior to 78.0.3904.70. Public advisories (Debian, Arch, Mageia, CNVD/CVE trackers) confirm the issue and cite a fix in 78.0...
CVE-2019-13718
Insufficient data validation in Omnibox in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name...
CVE-2019-13681
CVE-2019-13681 affects Google Chrome prior to 77.0.3865.75, where insufficient data validation in downloads could let a remote attacker bypass download restrictions via a crafted HTML page. The issue is documented with a vulnerability description and CVSS scores; connected sources indicate Chrome...
CVE-2019-13681
Insufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass download restrictions via a crafted HTML page...
CVE-2019-13681
Insufficient data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass download restrictions via a crafted HTML page...
CVE-2019-13673
Insufficient data validation in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
CVE-2019-13678
CVE-2019-13678 affects Chromium/Google Chrome download-dialog spoofing. Root cause relates to incorrect data validation in the download dialog, enabling domain spoofing via crafted HTML. Debian advisories indicate remediation by upgrading Chromium to 78.0.3904.97-1~deb10u1 (and newer), with other...
CVE-2019-13670
Insufficient data validation in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2019-13675
Insufficient data validation in extensions in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to disable extensions via a crafted HTML page...
CVE-2019-13675
CVE-2019-13675 affects Google Chrome/Chromium: insufficient data validation in the extensions subsystem allows a remote attacker to disable extensions via a crafted HTML page. Publicly cited in Debian/Fedora advisories, with fixes implemented in Chromium/Chrome 78.x (as seen in Fedora/security ad...
CVE-2019-13669
CVE-2019-13669 affects Google Chrome versions before 77.0.3865.75. The issue is an incorrect data validation in navigation that allows a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. The provided sources identify the vulnerability and its impact as URL ba...
CVE-2019-13670
CVE-2019-13670 is a memory corruption issue in the v8 JavaScript engine of Chromium/Google Chrome. Affects Chrome/Chromium builds prior to 77.0.3865.75 with insufficient data validation that could enable heap corruption via a crafted HTML page. The Debian security advisory lists CVE-2019-13670 am...
CVE-2019-13669
Incorrect data validation in navigation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...
CVE-2019-13678
Incorrect data validation in downloads in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page...
CVE-2019-13673
CVE-2019-13673 affects Google Chrome/Chromium: insufficient data validation in developer tools allowed a remote attacker to leak cross-origin data via a crafted HTML page. Fixes are shipped in Chromium/Chrome updates (e.g., Debian security advisory lists Chromium versions 78.0.3904.97+ and relate...
CVE-2019-13669
Incorrect data validation in navigation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...
CVE-2019-13670
Insufficient data validation in JavaScript in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2019-13675
Insufficient data validation in extensions in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to disable extensions via a crafted HTML page...