968 matches found
Information disclosure
Inappropriate implementation in Content Security Policy in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2024-1676
Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to spoof security UI via a crafted HTML page. Chromium security severity: Low...
CVE-2024-1676
Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to spoof security UI via a crafted HTML page. Chromium security severity: Low...
CVE-2024-1674
CVE-2024-1674 is a Chrome/Chromium vulnerability: an inappropriate Navigation implementation allowed remote bypass of navigation restrictions via a crafted HTML page. Affected product is Google Chrome (Chromium core); vulnerable builds prior to 122.0.6261.57. Impact described as navigation bypass...
CVE-2024-1671
Inappropriate implementation in Site Isolation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2024-1671
Inappropriate implementation in Site Isolation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2024-1671
Inappropriate implementation in Site Isolation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Medium...
Google Chrome Security Update (stable-channel-update-for-desktop_20-2024-02) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
GLSA-202402-23 : Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202402-23 Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities - Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to install a...
chromium -- multiple security fixes
Chrome Releases reports: This update includes 12 security fixes: 41495060 High CVE-2024-1669: Out of bounds memory access in Blink. Reported by Anonymous on 2024-01-26 41481374 High CVE-2024-1670: Use after free in Mojo. Reported by Cassidy Kim@cassidy6564 on 2023-12-06 41487933 Medium...
Google Chrome < 122.0.6261.57 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 122.0.6261.57. It is, therefore, affected by multiple vulnerabilities as referenced in the 202402stable-channel-update-for-desktop20 advisory. - Insufficient policy enforcement in Download in Google Chrome prior to...
GLSA-202402-14 : QtWebEngine: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202402-14 QtWebEngine: Multiple Vulnerabilities - Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium...
CVE-2024-0811
Inappropriate implementation in Extensions API in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Low...
CVE-2024-0805
Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Medium...
CVE-2024-0812
Inappropriate implementation in Accessibility in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...
OPENSUSE-SU-2024:0020-1 Security update for chromium
This update for chromium fixes the following issues: - Chromium 120.0.6099.216 boo1217839, boo1218048, boo1218302, boo1218533, boo1218719 CVE-2024-0333: Insufficient data validation in Extensions CVE-2024-0222: Use after free in ANGLE CVE-2024-0223: Heap buffer overflow in ANGLE CVE-2024-0224: Us...
Debian DSA-5573-1 : chromium - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5573 advisory. Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. For the...
Chromium: CVE-2023-6512 Inappropriate implementation in Web Browser UI
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2023-6511
Inappropriate implementation in Autofill in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2023-6512
The CVE-2023-6512 issue affects Google Chrome’s Web Browser UI, where an inappropriate implementation in the UI could allow a remote attacker to spoof the contents of an iframe dialog context menu via a crafted HTML page. Affected product/versions include Chrome prior to 120.0.6099.62. The underl...