ROS-20260515-73-0020

A vulnerability in the Google Chrome web browser's DevTools web development toolkit is related to the failure to take measures to protect the structure of a web page. Exploitation of the vulnerability could allow a remote attacker to gain access to sensitive data and compromise its integrity...

PT-2026-23050

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 145.0.7632.159 Description An object lifecycle issue in the DevTools component of Google Chrome allowed an attacker to potentially exploit heap corruption. This exploitation could occur if a user was convinced t...

CVE-2026-3063

Inappropriate implementation in DevTools in Google Chrome prior to 145.0.7632.116 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via DevTools. Chromium security severity: High...

The vulnerability of Google Chrome’s DevTools component, which allows a hacker to trigger a service failure

The vulnerability of Google Chrome’s DevTools component is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability of the DevTools set of tools for web development in Google Chrome allows a hacker to bypass security restrictions.

The vulnerability of the DevTools set of tools for web development in the Google Chrome browser is related to an incorrect path name limitation for the restricted access directory. Exploiting this vulnerability could allow a malicious actor to bypass security restrictions remotely...

CVE-2025-1915

Improper Limitation of a Pathname to a Restricted Directory in DevTools in Google Chrome on Windows prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted Chrome Extension. Chromium security severity: Mediu...

CVE-2024-9965

CVE-2024-9965 concerns Google Chrome/Chromium DevTools on Windows prior to 130.0.6723.58. The Debian advisory confirms the vulnerability allows remote code execution through a crafted HTML page after certain user UI interactions, due to insufficient data validation in DevTools. Affected user agen...

CVE-2024-6778

Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: High...

The vulnerability of the DevTools set of tools for web development in Google Chrome allows a hacker to bypass existing security restrictions.

The vulnerability of the DevTools suite for web development in the Google Chrome browser relates to the use of memory after it is released. Exploiting this vulnerability can allow an attacker to circumvent existing security restrictions through a specially created HTML page...

CVE-2020-6447

Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to potentially exploit heap corruption via a crafted HTML page...

Starbucks: Thailand - Insecure Direct Object Reference permits an unauthorized user to transfer funds from a victim using only the victims Starbucks card

nnez discovered that a hacker could transfer funds from one Starbucks card to another by inspecting the form with Google Chrome DevTools and then change the forms "CardNumber" value to a victim's valid Starbucks card number. If the value entered for the "FullAmount" form field did not exceed the...

CVE-2019-5783

Missing URI encoding of untrusted input in DevTools in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to perform a Dangling Markup Injection attack via a crafted HTML page...

Google Chrome DevTools Boundary Read Vulnerability

Google Chrome is a popular web browser. A boundary read vulnerability exists in Google Chrome DevTools. An attacker can exploit the vulnerability to obtain sensitive information...