12 matches found
EUVD-2026-40548
Insufficient policy enforcement in Web Authentication Passkeys & Security Keys in Google Chrome on iOS prior to 150.0.7871.47 allowed an attacker in a privileged network position to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2026-13948
Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...
PT-2026-54328
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in Extensions allows a remote attacker who has compromised the renderer process to leak cross-origin data through a crafted HTML page. Recommendations...
EUVD-2026-34743
Insufficient policy enforcement in Sandbox in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-34713
Insufficient policy enforcement in Content Settings in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...
A Systematic Taxonomy of Security Vulnerabilities in the OpenClaw AI Agent Framework
AI agent frameworks connecting large language model LLM reasoning to host execution surfaces--shell, filesystem, containers, and messaging--introduce security challenges structurally distinct from conventional software. We present a systematic taxonomy of 190 advisories filed against OpenClaw, an...
DEBIAN-CVE-2020-16027
Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from the user's disk via a crafted Chrome Extension...
chromium-browser: Insufficient policy enforcement in payments
Insufficient policy enforcement in payments in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...
DEBIAN-CVE-2020-6486
Insufficient policy enforcement in navigations in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...
chromium-browser: Cross-origin data leak
Insufficient policy enforcement in JavaScript in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
chromium-browser: Insufficient policy enforcement in Omnibox
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name...
Google Chrome has an unspecified vulnerability (CNVD-2019-04917)
Google Chrome is a web browser developed by the American company Google Google. A security vulnerability exists in Google Chrome versions prior to 72.0.3626.81, which stems from the program failing to adequately enforce policies. No details of the vulnerability are provided at this time...