12 matches found
PT-2026-54196
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in Extensions allows a remote attacker who has compromised the renderer process to bypass site isolation by using a crafted HTML page. Site isolation is ...
EUVD-2026-34658
Insufficient policy enforcement in Workers in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-8572
Insufficient policy enforcement in Network in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-8019
CVE-2026-8019 describes insufficient policy enforcement in the Chrome WebApp, allowing a remote attacker to trigger UI spoofing through a crafted HTML page in Chrome versions before 148.0.7778.96. The root cause is restricted policy enforcement within WebApp handling. Impact is UI spoofing; no ex...
CVE-2026-5880
CVE-2026-5880 involves Google Chrome prior to 147.0.7727.55, where insufficient policy enforcement in the browser UI allowed a remote attacker who had compromised the renderer process to spoof the Omnibox (URL bar) contents via a crafted HTML page. The vulnerability affects the Chrome/Chromium UI...
EUVD-2017-6879
Malware in sbrugna...
SUSE CVE-2022-3308
Insufficient policy enforcement in developer tools in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
Google Chromium Security Vulnerability
Google Chromium is an open-source web browser from Google, USA. A security vulnerability previously existed in Google Chromium version 88.0.4324.96, which stemmed from the discovery of insufficient security for policy enforcement in the program extension component...
chromium-browser: Insufficient policy enforcement in developer tools
Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page...
chromium-browser: Extensions can read some local files
Insufficient policy enforcement in extensions in Google Chrome prior to 77.0.3865.75 allowed an attacker who convinced a user to install a malicious extension to read local files via a crafted Chrome Extension...
chromium-browser: CSP bypass
Insufficient policy enforcement in navigations in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass content security policy via a crafted HTML page...
Google Chrome Insufficient Policy Enforcement Vulnerability
Chrome is a web browsing tool developed by Google. A policy enforcement insufficiency vulnerability exists in Canvas in versions of Google Chrome prior to 72.0.3626.81. An attacker can exploit this vulnerability to leak cross-origin data via a crafted HTML page...