487 matches found
CVE-2026-9115
Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-9115
Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-9115
Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
EUVD-2026-31161
Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-9115
CVE-2026-9115 : In Google Chrome, the Service Worker policy enforcement is insufficient prior to 148.0.7778.179, permitting a remote attacker to bypass the same-origin policy via a crafted HTML page. Affected: Chrome/Chromium's Service Worker. Impact is a potential cross-origin bypass as describe...
CVE-2026-9115
Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-9115
Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Memory access beyond the allowed boundaries in the Service Worker API in Google Chrome prior to version 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Before version 103.0.5060.134, using the "after free" method in the Service Worker API in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Thunderbird
When an HTTPS page is embedded in an HTTP page, and a service worker is registered for the former, the service worker could intercept the request for the secure page. This occurs even though the iframe does not belong to a secure context due to the insecure framing. This vulnerability affects...
Astra Linux – Vulnerability in Chromium
Memory access beyond the allowed boundaries in the Service Worker API in Google Chrome prior to version 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in the Service Worker API in Google Chrome prior to version 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation through a crafted HTML page...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.179 contained a security vulnerability. This vulnerability stemmed from insufficient execution of Service Worker policies, which could allow remote attackers to bypass the same-origin policy...
KLA91066 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in WebRTC can be exploite...
PT-2026-42235
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.179 Description Insufficient policy enforcement in the Service Worker allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script...
Stable Channel Update for Desktop
The Stable channel has been updated to 148.0.7778.178/179 for Windows/Mac and 148.0.7778.178 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept...
CVE-2026-7922
An use after free flaw was found in the ServiceWorker component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=499449324...
CVE-2026-7909
An inappropriate implementation flaw was found in the ServiceWorker component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497437113...
SUSE CVE-2026-7958
Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...
NPM: Cinny vulnerable to access token disclosure via invalidated emoji pack avatar URL in service worker
NPM: Cinny vulnerable to access token disclosure via invalidated emoji pack avatar URL in service worker vulnerability discovered by ? in WordPress Npm cinny versions 4.10.3...