SUSE CVE-2026-7937

Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

CVE-2026-7934

CVE-2026-7934 in Google Chrome’s Popup Blocker: Insufficient validation of untrusted input allowed a remote attacker who had access to the renderer process to bypass navigation restrictions via a crafted HTML page. Affected component: Popup Blocker in Chrome prior to version 148.0.7778.96. Root c...

CentOS 6 : chromium-browser (RHSA-2020:2544)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2544 advisory. - Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to...

ROS-20240726-07

A vulnerability in the Sign-In component of the Google Chrome browser is related to the ability to bypass navigation restrictions using a specially crafted HTML page. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute cross-site scripted attacks...

CVE-2024-5500

Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-3840

Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

Inappropriate Implementation

chromium is vulnerable to Inappropriate Implementation. The vulnerability is due to inappropriate implementation in the Navigation feature of Google Chrome, allowing a remote attacker to bypass navigation restrictions via a crafted HTML page...

Misconfigured Security Controls

chromium is vulnerable to Misconfigured Security Controls. The vulnerability exists because of an improper implementation in the Fullscreen feature of the library, which could allow an attacker to deceive a user into installing a malicious extension. This would enable the attacker to bypass...

Improper Input Validation

chromium is vulnerable to Improper Input Validation. The vulnerability exists due to inappropriate implementation in Autofill in Google Chrome which allows a remote attacker to bypass navigation restrictions via a crafted HTML page...

DEBIAN-CVE-2022-4910

Inappropriate implementation in Autofill in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

Debian DSA-5386-1 : chromium - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5386 advisory. - Heap buffer overflow in Visuals in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to potentially exploi...

CVE-2023-1817

Insufficient policy enforcement in Intents in Google Chrome on Android prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-1823

CVE-2023-1823 concerns Google Chrome's FedCM: an improper FedCM implementation allows a remote attacker to bypass navigation restrictions via a crafted HTML page. Affected product/component: Chrome/Chromium FedCM integration. Root cause: Inappropriate implementation in FedCM. Impact: navigation r...

CVE-2023-1823

Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

CVE-2023-1823

Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

CVE-2023-1229

Inappropriate implementation in Permission prompts in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2018-16086

Insufficient policy enforcement in extensions API in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension...

SUSE CVE-2019-13758

Insufficient policy enforcement in navigation in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...

Insufficient Policy Enforcement

chromium is vulnerable to insufficient policy enforcement.The vulnerability exists due to Insufficient policy enforcement in devtools, which allows a remote attacker to bypass navigation restrictions via a crafted HTML page...

CVE-2022-3201

Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...