33 matches found
The vulnerability of Google Chrome browser developer tools allows a hacker to gain access to confidential data.
The vulnerability of Google Chrome browser developer tools is related to the exposure of information. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data through a specially created HTML page...
chromium-browser: Out of bounds memory access in developer tools
Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension...
The vulnerability of Google Chrome browser developer tools allows a hacker to gain access to confidential data.
The vulnerability of Google Chrome browser developer tools is related to the lack of protection for service data. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data through a specially created extension...
The vulnerability of Google Chrome browser developer tools allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of Google Chrome browser developer tools is related to the operation of operations that exceed the allowed boundaries of the data buffer. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data, compromise its integrity, and even cause servi...
UBUNTU-CVE-2020-6518
Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a crafted HTML page...
UBUNTU-CVE-2020-6530
Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension...
UBUNTU-CVE-2020-6469
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension...
The vulnerability of Google Chrome browser-based development tools lies in the lack of mechanisms for verifying input data, allowing attackers to gain unauthorized access to confidential information.
The vulnerability of Google Chrome browser-based development tools is related to the lack of a mechanism for input validation. Exploiting this vulnerability could allow an attacker to gain unauthorized access to confidential data through a created HTML page...
DEBIAN-CVE-2020-6443
Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page...
DEBIAN-CVE-2019-13748
Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page...
UBUNTU-CVE-2019-13683
Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
UBUNTU-CVE-2019-13668
Insufficient policy enforcement in developer tools in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
Grammarly: Unauthenticated users can access all food.grammarly.io user's data
Summary: The food.grammarly.io site uses the Meteor framework, which uses publications and methods to communicate between the backend and frontend. Although the site seems to require being authenticated as a Grammarly employee to use it, most methods and publications work without being...