CVE-2022-4187

Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2022-4187

Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2022-4189

Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 28 security fixes, including: 1379054 High CVE-2022-4174: Type Confusion in V8. Reported by Zhenghang Xiao @Kipreyyy on 2022-10-27 1381401 High CVE-2022-4175: Use after free in Camera Capture. Reported by Leecraso and Guang Gong of 360 Alpha Lab on...

Google Chrome < 108.0.5359.71 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 108.0.5359.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 202211stable-channel-update-for-desktop29 advisory. - Use after free in Accessibility in Google Chrome prior to 108.0.5359.71...

Google Chrome < 108.0.5359.71 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 108.0.5359.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 202211stable-channel-update-for-desktop29 advisory. - Use after free in Accessibility in Google Chrome prior to 108.0.5359.71...

GLSA-202210-16 : Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202210-16 Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to...

Malicious code in spring-boot-devtools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 24c0313226e487a37c9158c78bc620c0306eb778d0aa789677c0c77811785295 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-6269 Malicious code in spring-boot-devtools (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 24c0313226e487a37c9158c78bc620c0306eb778d0aa789677c0c77811785295 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2022-37609

Prototype pollution vulnerability in beautify-web js-beautify 1.13.7 via the name variable in options.js...

Debian DSA-5244-1 : chromium - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5244 advisory. - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install...

GLSA-202209-23 : Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202209-23 Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities - Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted...

Google Chrome Input Validation Error Vulnerability (CNVD-2022-81241)

Google Chrome is a web browser from Google, an American company. An input validation error vulnerability exists in the DevTools component of Google Chrome versions prior to 105.0.5195.125. An attacker can exploit this vulnerability to convince users to install a malicious extension that bypasses...

PT-2022-6772 · Google +1 · Google Chrome +1

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 106.0.5249.62 Description: The issue is related to insufficient data validation in DevTools, allowing a remote attacker to bypass content security policy via a crafted HTML page. This could potentially impact a...

openSUSE 15 Security Update : opera (openSUSE-SU-2022:10130-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10130-1 advisory. - Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a...

Google Chrome < 106.0.5249.61 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 106.0.5249.61. It is, therefore, affected by multiple vulnerabilities as referenced in the 202209stable-channel-update-for-desktop27 advisory. - Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prio...

Google Chrome < 106.0.5249.61 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 106.0.5249.61. It is, therefore, affected by multiple vulnerabilities as referenced in the 202209stable-channel-update-for-desktop27 advisory. - Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prior ...

FreeBSD : chromium -- multiple vulnerabilities (18529cb0-3e9c-11ed-9bc7-3065ec8fd3ec)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 18529cb0-3e9c-11ed-9bc7-3065ec8fd3ec advisory. - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior t...

DEBIAN-CVE-2022-3201

Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...

CVE-2022-3201

Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...