Lucene search
+L

722 matches found

Wired Threat Level
Wired Threat Level
added 2020/09/25 2:0 p.m.25 views

The Best Chrome Extensions to Prevent Creepy Web Tracking

Ad trackers follow you everywhere online—but it doesn’t have to be that way...

4AI score
Exploits0
OSV
OSV
added 2020/09/21 8:15 p.m.2 views

DEBIAN-CVE-2020-6554

Use after free in extensions in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension...

8.6CVSS8.8AI score0.00615EPSS
Exploits0References1
OSV
OSV
added 2020/09/21 8:15 p.m.6 views

CVE-2020-15966

Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension...

4.3CVSS8.4AI score
Exploits0References12
OSV
OSV
added 2020/09/21 8:15 p.m.3 views

DEBIAN-CVE-2020-15966

Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension...

4.3CVSS6.1AI score0.01331EPSS
Exploits1References1
OSV
OSV
added 2020/09/21 8:15 p.m.2 views

DEBIAN-CVE-2020-15961

Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension...

9.6CVSS8.3AI score0.01473EPSS
Exploits1References1
OSV
OSV
added 2020/09/21 8:15 p.m.2 views

UBUNTU-CVE-2020-6554

Use after free in extensions in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension...

8.6CVSS7.3AI score0.00615EPSS
Exploits0References2
OSV
OSV
added 2020/09/21 8:15 p.m.2 views

UBUNTU-CVE-2020-15966

Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension...

4.3CVSS5.8AI score0.01331EPSS
Exploits1References5
OSV
OSV
added 2020/09/21 8:15 p.m.3 views

UBUNTU-CVE-2020-15963

Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension...

9.6CVSS7.3AI score0.01473EPSS
Exploits1References5
Malwarebytes
Malwarebytes
added 2020/09/14 2:49 p.m.52 views

Lock and Code S1Ep15: Safely using Google Chrome Extensions with Pieter Arntz

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Pieter Arntz, malware intelligence researcher for Malwarebytes, about Google Chrome extensions. These sometimes helpful online tools that work directly...

7.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/08/06 12:0 a.m.6 views

The vulnerability of Google Chrome browser extensions, related to the lack of privilege control mechanisms and access management tools, allows attackers to gain access to confidential data.

The vulnerability of Google Chrome browser extensions is related to the lack of mechanisms for privilege control and access management. Exploiting this vulnerability allows a malicious actor to gain access to confidential data through a specially created extension...

4.3CVSS6.6AI score0.01153EPSS
Exploits0References12Affected Software5
BDU FSTEC
BDU FSTEC
added 2020/08/06 12:0 a.m.7 views

The vulnerability of Google Chrome browser extensions, related to the use of memory areas after they are freed, allows attackers to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of Google Chrome browser extensions is related to the use of memory areas after they are freed. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and even cause service failures through a specially created extensio...

9.3CVSS7.3AI score0.014EPSS
Exploits0References12Affected Software5
OSV
OSV
added 2020/07/22 5:15 p.m.2 views

DEBIAN-CVE-2020-6509

Use after free in extensions in Google Chrome prior to 83.0.4103.116 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension...

9.6CVSS8.4AI score0.0083EPSS
Exploits0References1
OSV
OSV
added 2020/07/22 5:15 p.m.2 views

UBUNTU-CVE-2020-6509

Use after free in extensions in Google Chrome prior to 83.0.4103.116 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension...

9.6CVSS7.3AI score0.0083EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2020/06/22 10:10 a.m.4 views

Over 100 New Chrome Browser Extensions Caught Spying On Users

Google recently removed 106 more extensions from its Chrome Web Store after they were found illegally collecting sensitive user data as part of a "massive global surveillance campaign" targeting oil and gas, finance, and healthcare sectors. Awake Security, which disclosed the findings late last...

5.5AI score
Exploits0
ThreatPost
ThreatPost
added 2020/06/19 4:50 p.m.38 views

News Wrap: Malicious Chrome Extensions Removed, CIA 'Woefully Lax' Security Policies Bashed

For the week ended June 19, Threatpost editors Lindsey O’Donnell Welch, Tom Spring and Tara Seals break down the top cybersecurity stories. This week’s top news stories include: Google removing 106 Chrome browser extensions from its Chrome Web Store in response to a report that they were being us...

7.2AI score
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2020/04/23 12:0 a.m.11 views

The vulnerability of Google Chrome browser extensions, related to insufficient validation of input data, allows attackers to gain access to confidential information.

The vulnerability of Google Chrome browser extensions is related to insufficient validation of input data. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data...

7.1CVSS7AI score0.00593EPSS
Exploits0References9Affected Software4
The Hacker News
The Hacker News
added 2020/04/15 10:40 a.m.9 views

49 New Google Chrome Extensions Caught Hijacking Cryptocurrency Wallets

Google has ousted 49 Chrome browser extensions from its Web Store that masqueraded as cryptocurrency wallets but contained malicious code to siphon off sensitive information and empty the digital currencies. The 49 browser add-ons, potentially the work of Russian threat actors, were identified fi...

5.9AI score
Exploits0
OSV
OSV
added 2020/04/13 6:15 p.m.0 views

DEBIAN-CVE-2020-6454

Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension...

8.8CVSS7.9AI score0.014EPSS
Exploits0References1
OSV
OSV
added 2020/04/13 6:15 p.m.1 views

DEBIAN-CVE-2020-6435

Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page...

4.3CVSS6.5AI score0.01619EPSS
Exploits0References1
OSV
OSV
added 2020/04/13 6:15 p.m.2 views

DEBIAN-CVE-2020-6433

Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...

4.3CVSS6.5AI score0.01619EPSS
Exploits0References1
Rows per page
Query Builder