2030 matches found
Astra Linux - уязвимость в chromium
Before version 101.0.4951.41, using free after development tools in Google Chrome allowed a remote attacker to potentially exploit heap corruption through specific and direct user interactions...
Astra Linux - уязвимость в chromium
Insufficient data validation in DevTools in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Low...
Astra Linux - уязвимость в chromium
Insufficient policy enforcement in DevTools in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Medium...
Astra Linux - уязвимость в chromium
Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...
Astra Linux - уязвимость в chromium
Insufficient data validation in Dev Tools of Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy through a crafted HTML page...
Astra Linux - уязвимость в chromium
Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to leak cross-origin data via Devtools. Chromium security severity: Low...
Astra Linux - уязвимость в chromium
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from the disk via a crafted HTML page...
Astra Linux - уязвимость в chromium
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape through a crafted Chrome Extension...
Astra Linux - уязвимость в chromium
Using “after free” in DevTools in Google Chrome before version 132.0.6834.159 allowed a remote attacker to potentially exploit heap corruption through a crafted Chrome Extension. Chromium security severity: Medium...
Astra Linux - уязвимость в chromium
In DevTools of Google Chrome, out-of-bounds memory access prior to version 136.0.7103.59 allowed a remote attacker who convinced a user to perform certain UI gestures to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...
ROS-20260515-73-0022
A vulnerability in the DevTools web development toolkit for Google Chrome and Microsoft Edge browsers involves the use of an object without calling a destructor method. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service by installing a malicious...
ROS-20260515-73-0055
A vulnerability in the DevTools component of the Google Chrome browser is related to access control flaws. Exploitation of the vulnerability could allow an attacker acting remotely to bypass security restrictions using a specially crafted HTML page...
ROS-20260515-73-0020
A vulnerability in the Google Chrome web browser's DevTools web development toolkit is related to the failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data and compromise its integrity...
Spring Boot: Spring Boot: Remote code execution via timing attack in DevTools remote secret comparison
A flaw was found in Spring Boot. An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about a remote secret. In extreme circumstances, this could allow the attacker to determine the secret and upload changed classes, leading to...
@ardeora/start-devtools (>=1.0.0 <=1.0.1), @carvajalconsultants/headstart (>=1.0.0 <=1.0.2) +27 more potentially affected by unknown CVE via @tanstack/start-server-core (>=1.121.0-alpha.28 <=1.167.3)
@tanstack/start-server-core NPM version =1.121.0-alpha.28, =1.0.0, =1.0.0, =0.0.14, =1.20.3-alpha.1, =1.111.10, =1.121.23, =0.0.1, =1.121.0-alpha.28, =1.20.3-alpha.1, =1.114.29, =1.121.23, =1.121.0-alpha.28, =1.97.4, =1.111.10, =1.121.0-alpha.28, =1.169.18 and more Source cves: unknown CVE Source...
OPENSUSE-SU-2026:20727-1 Security update for chromium
This update for chromium fixes the following issues: Changes in chromium: - Chromium 148.0.7778.167 boo1265159 - Chromium 148 148.0.7778.96 promoted to stable boo1264175 CVE-2026-7896: Integer overflow in Blink CVE-2026-7897: Use after free in Mobile CVE-2026-7898: Use after free in Chromoting...
Malicious code in @tanstack/solid-router-devtools (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d97a7cf294a17c17e22c7eead7d3de9f693c5488aecba96129d5b79b52f430de This version falls within the @tanstack/ package family compromised on 2026-05-11. The campaign published 42 packages × 2 versions each with the...
@alivault/pico (>=0.1.0 <=0.1.2), @ardeora/start-devtools (>=1.0.0 <=1.0.1) +121 more potentially affected by unknown CVE via @tanstack/start-storage-context (>=1.121.0-alpha.28 <=1.166.4)
@tanstack/start-storage-context NPM version =1.121.0-alpha.28, =0.1.0, =1.0.0, =0.0.1, =0.5.2, =0.1.1, =0.0.4, =1.0.0, =0.2.0, =0.2.0, =0.1.1, =0.2.0, =0.2.0, =0.1.14, =0.1.0, =0.1.38 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3492...
Malicious code in @tanstack/vue-router-devtools (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7f7c609f55255a1ab5f7fc348536514f317d138538af5ec61ef4efc5a18b9014 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-3496 Malicious code in @tanstack/vue-router-devtools (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7f7c609f55255a1ab5f7fc348536514f317d138538af5ec61ef4efc5a18b9014 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...