The vulnerability of the Extensions API of Microsoft Edge and Google Chrome browsers allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Extensions API for Microsoft Edge and Google Chrome relates to improper security checks for standard elements. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information through a specially created HTML pa...

The vulnerability of the Google Chrome browser’s Extensions API allows a hacker to bypass existing security restrictions.

The vulnerability of the Google Chrome browser’s Extensions API is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to bypass existing security restrictions remotely...

The vulnerability of the Extensions API of Google Chrome and Microsoft Edge browsers allows a malicious actor to install any extension they desire.

The vulnerability of the Extensions API for Google Chrome and Microsoft Edge is related to insufficient data validation. Exploiting this vulnerability could allow an attacker to install any desired extension by using a specially created HTML page...

SUSE CVE-2016-5218

The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to temporarily spoof the contents of the Omnibox URL bar via a crafted HTML page containing PDF data...

UBUNTU-CVE-2022-2861

Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.101 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts into WebUI via a crafted HTML page...

CVE-2022-3047

Insufficient policy enforcement in Extensions API in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page...

The vulnerability of the Extensions API of Microsoft Edge and Google Chrome browsers allows attackers to circumvent existing security restrictions.

The vulnerability of the Extensions API for Microsoft Edge and Google Chrome is related to lack of access control. Exploiting this vulnerability could allow a malicious actor to bypass existing security restrictions remotely...

UBUNTU-CVE-2021-30601

Use after free in Extensions API in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...

Microsoft Edge 资源管理错误漏洞

Chrome is a web browsing tool developed by Google. A post-release reuse vulnerability exists in the Extensions API in versions of Google Chrome prior to 92.0.4515.159. An attacker could exploit this vulnerability to potentially cause heap corruption via a crafted HTML page...

CVE-2018-6176

Insufficient file type enforcement in Extensions API in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted Chrome Extension...

UBUNTU-CVE-2018-6138

Insufficient policy enforcement in Extensions API in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension...

CVE-2016-5201

A leak of privateClass in the extensions API in Google Chrome prior to 54.0.2840.100 for Linux, and 54.0.2840.99 for Windows, and 54.0.2840.98 for Mac allowed a remote attacker to access privileged JavaScript code via a crafted HTML page...

CVE-2016-5218

The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to temporarily spoof the contents of the Omnibox URL bar via a crafted HTML page containing PDF data...

UBUNTU-CVE-2016-5217

The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly permitted access to privileged plugins, which allowed a remote attacker to bypass site isolation via a crafted HTML page...

UBUNTU-CVE-2016-5218

The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android incorrectly handled navigation within PDFs, which allowed a remote attacker to temporarily spoof the contents of the Omnibox URL bar via a crafted HTML page containing PDF data...