EUVD-2016-2720

Malware in sbrugna...

Debian Security Advisory DSA 3486-1 (chromium-browser - security update)

Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-1622 It was discovered that a maliciously crafted extension could bypass the Same Origin Policy. CVE-2016-1623 Mariusz Mlynski discovered a way to bypass the Same Origin Policy. CVE-2016-1624 lukezli discovered a...

chromium-browser: navigation bypass in Chrome Instant

The Chrome Instant feature in Google Chrome before 48.0.2564.109 does not ensure that a New Tab Page NTP navigation target is on the most-visited or suggestions list, which allows remote attackers to bypass intended restrictions via unspecified vectors, related to instantservice.cc and...

Google Chrome Instant Feature Security Restriction Bypass Vulnerability

Google Chrome is a web browsing tool developed by Google. A security vulnerability exists in versions prior to Google Chrome 48.0.2564.109 due to the Chrome Instant feature not ensuring that NTP navigation targets are in the most frequently viewed or suggested list. A remote attacker can exploit...

CVE-2016-1625

The Chrome Instant feature in Google Chrome before 48.0.2564.109 does not ensure that a New Tab Page NTP navigation target is on the most-visited or suggestions list, which allows remote attackers to bypass intended restrictions via unspecified vectors, related to instantservice.cc and...

UBUNTU-CVE-2016-1625

The Chrome Instant feature in Google Chrome before 48.0.2564.109 does not ensure that a New Tab Page NTP navigation target is on the most-visited or suggestions list, which allows remote attackers to bypass intended restrictions via unspecified vectors, related to instantservice.cc and...

Google Chrome < 48.0.2564.109 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 48.0.2564.109. It is, therefore, affected by multiple vulnerabilities as referenced in the 201602stable-channel-update9 advisory. - The Developer Tools aka DevTools subsystem in Google Chrome before 48.0.2564.109 does n...

FreeBSD : chromium -- multiple vulnerabilities (36034227-cf81-11e5-9c2b-00262d5ed8ee)

Google Chrome Releases reports : 6 security fixes in this release, including : - 546677 High CVE-2016-1622: Same-origin bypass in Extensions. Credit to anonymous. - 577105 High CVE-2016-1623: Same-origin bypass in DOM. Credit to Mariusz Mlynski. - 509313 Medium CVE-2016-1625: Navigation bypass in...

UBUNTU-CVE-2015-2239

Google Chrome before 41.0.2272.76, when Instant Extended mode is used, does not properly consider the interaction between the "1993 search" features and restore-from-disk RELOAD transitions, which makes it easier for remote attackers to spoof the address bar for a search-results page by leveragin...

Google Ships Chrome 9, Plug Nine Security Holes

Google has officially released version 9.0.597.84 of its Chrome web browser to stable and beta channels for Windows, Mac and Linux, an update that addresses nine separate security vulnerabilities. According to Google’s Chrome Releases blog, one of the vulnerabilities is rated critical while two a...