175 matches found
CVE-2019-5862
Chromium/Google Chrome: CVE-2019-5862 is an AppCache validation flaw in Chromium before 76.0.3809.87 (renderer-compromised bypass). The issue allows a remote attacker to bypass site isolation via a crafted HTML page. Affected component: AppCache in Chromium; root cause: insufficient data validati...
CVE-2019-5862
Insufficient data validation in AppCache in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page...
CVE-2018-17462
Incorrect refcounting in AppCache in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform a sandbox escape via a crafted HTML page...
openSUSE Security Update : chromium (openSUSE-2019-1848)
This update for chromium to version 76.0.3809.87 fixes the following issues : - CVE-2019-5850: Use-after-free in offline page fetcher boo1143492 - CVE-2019-5860: Use-after-free in PDFium boo1143492 - CVE-2019-5853: Memory corruption in regexp length check boo1143492 - CVE-2019-5851:...
OPENSUSE-SU-2019:1849-1 Security update for chromium
This update for chromium to version 76.0.3809.87 fixes the following issues: - CVE-2019-5850: Use-after-free in offline page fetcher boo1143492 - CVE-2019-5860: Use-after-free in PDFium boo1143492 - CVE-2019-5853: Memory corruption in regexp length check boo1143492 - CVE-2019-5851: Use-after-pois...
OPENSUSE-SU-2019:1848-1 Security update for chromium
This update for chromium to version 76.0.3809.87 fixes the following issues: - CVE-2019-5850: Use-after-free in offline page fetcher boo1143492 - CVE-2019-5860: Use-after-free in PDFium boo1143492 - CVE-2019-5853: Memory corruption in regexp length check boo1143492 - CVE-2019-5851: Use-after-pois...
chromium-browser: AppCache not robust to compromised renderers
Insufficient data validation in AppCache in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page...
chromium-browser: Cross-origin resources size disclosure in Appcache
Resource size information leakage in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
openSUSE Security Update : chromium (openSUSE-2019-1557)
This update for chromium to version 75.0.3770.80 fixes the following issues : Security issues fixed : - CVE-2019-5828: Fixed a Use after free in ServiceWorker - CVE-2019-5829: Fixed Use after free in Download Manager - CVE-2019-5830: Fixed an incorrectly credentialed requests in CORS -...
openSUSE Security Update : chromium (openSUSE-2019-1558)
This update for chromium to version 75.0.3770.80 fixes the following issues: Security issues fixed : - CVE-2019-5828: Fixed a Use after free in ServiceWorker - CVE-2019-5829: Fixed Use after free in Download Manager - CVE-2019-5830: Fixed an incorrectly credentialed requests in CORS -...
openSUSE Security Update : chromium (openSUSE-2019-1559)
This update for chromium to version 75.0.3770.80 fixes the following issues: Security issues fixed : - CVE-2019-5828: Fixed a Use after free in ServiceWorker - CVE-2019-5829: Fixed Use after free in Download Manager - CVE-2019-5830: Fixed an incorrectly credentialed requests in CORS -...
OPENSUSE-SU-2019:1558-1 Security update for chromium
This update for chromium to version 75.0.3770.80 fixes the following issues: Security issues fixed: - CVE-2019-5828: Fixed a Use after free in ServiceWorker - CVE-2019-5829: Fixed Use after free in Download Manager - CVE-2019-5830: Fixed an incorrectly credentialed requests in CORS - CVE-2019-583...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:1557-1 Rating: important References: 1137332 Cross-References: CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831 CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835 CVE-2019-5836 CVE-2019-5837...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:1558-1 Rating: important References: 1137332 Cross-References: CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831 CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835 CVE-2019-5836 CVE-2019-5837...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2019:1559-1 Rating: important References: 1137332 Cross-References: CVE-2019-5828 CVE-2019-5829 CVE-2019-5830 CVE-2019-5831 CVE-2019-5832 CVE-2019-5833 CVE-2019-5834 CVE-2019-5835 CVE-2019-5836 CVE-2019-5837...
Google Chrome Sensitive Information Disclosure Vulnerability (CNVD-2019-17516)
Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Appcache in Google Chrome versions prior to 75.0.3770.80. An attacker can exploit the vulnerability to obtain sensitive information...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 75 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 75.0.3770.80 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming...
Arbitrary Code Execution
Firefox is vulnerable to arbitrary code execution attacks. A remote user could invoke AppCache to hijack a URL in a domain using fallback files inside the manifest directory by serving the files from a sub-path on the domain which cause application to a crash resulting in a denial of service...
GHSA-7RR7-RCJW-56VJ Exposure of Sensitive Information to an Unauthorized Actor in activestorage
A bypass vulnerability in Active Storage = 5.2.0 for Google Cloud Storage and Disk services allow an attacker to modify the content-disposition and content-type parameters which can be used in with HTML files and have them executed inline. Additionally, if combined with other techniques such as...
CVE-2018-16477
A bypass vulnerability in Active Storage = 5.2.0 for Google Cloud Storage and Disk services allow an attacker to modify the content-disposition and content-type parameters which can be used in with HTML files and have them executed inline. Additionally, if combined with other techniques such as...