Lucene search
K

18 matches found

NVD
NVD
added 2026/06/30 11:17 p.m.4 views

CVE-2026-13948

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

3.1CVSS0.00156EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:17 p.m.9 views

CVE-2026-13919

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00319EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.4 views

CVE-2026-14047

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. Chromium security severity: Low...

4.3CVSS5.8AI score0.00175EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:37 p.m.13 views

CVE-2026-13824

CVE-2026-13824 concerns Google Chrome extensions policy enforcement. The issue is described as insufficient policy enforcement in Chrome’s Extensions, allowing a remote attacker who has compromised the renderer process to escalate privileges via a crafted HTML page. The public notes specify the v...

7.5CVSS5.8AI score0.00277EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/05 12:31 a.m.15 views

EUVD-2026-34728

Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. Chromium security severity: Low...

5.8AI score0.00139EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/04 11:6 p.m.9 views

CVE-2026-11267

Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. Chromium security severity: Low...

5.4AI score0.00139EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:4 p.m.22 views

CVE-2026-11062

CVE-2026-11062 affects Google Chrome extensions: insufficient policy enforcement in Extensions allows an attacker to inject scripts/HTML into a privileged page when a user installs a crafted malicious extension. Impact is partial integrity compromise of privileged pages; exploit not confirmed in ...

4.3CVSS5.8AI score0.00135EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/04 11:4 p.m.9 views

CVE-2026-11014

Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted Chrome Extension. Chromium security severity: Medium...

6.5CVSS5.3AI score0.00214EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/06 6:12 p.m.32 views

CVE-2026-7952

Insufficient policy enforcement in Extensions in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass discretionary access control via a crafted HTML page. Chromium security severity: Medium...

0.00172EPSS
Exploits0References2
NVD
NVD
added 2026/03/11 10:16 p.m.5 views

CVE-2026-3928

Insufficient policy enforcement in Extensions in Google Chrome prior to 146.0.7680.71 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

4.3CVSS0.00123EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/10 8:0 p.m.1 views

CVE-2025-12436

Policy bypass in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. Chromium security severity: Medium...

5.3AI score0.00152EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-25145

Malicious code in bioql PyPI...

4.3CVSS7.2AI score0.00472EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:2 a.m.4 views

SUSE CVE-2020-6433

Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...

4.3CVSS5.9AI score0.01619EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:56 a.m.2 views

SUSE CVE-2020-15966

Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension...

4.3CVSS6AI score0.01331EPSS
Exploits1References8
SUSE CVE
SUSE CVE
added 2023/02/15 3:32 a.m.2 views

SUSE CVE-2022-3047

Insufficient policy enforcement in Extensions API in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page...

6.5CVSS6.7AI score0.0045EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2022/07/27 10:15 p.m.6 views

CVE-2022-1872

Insufficient policy enforcement in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page...

4.3CVSS6.1AI score0.00472EPSS
Exploits0References4
OSV
OSV
added 2020/02/11 3:15 p.m.1 views

DEBIAN-CVE-2020-6392

Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension...

4.3CVSS6.1AI score0.01481EPSS
Exploits1References1
OSV
OSV
added 2020/02/11 3:15 p.m.1 views

DEBIAN-CVE-2020-6380

Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.130 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted Chrome Extension...

8.8CVSS7.1AI score0.01195EPSS
Exploits0References1
Rows per page
Query Builder