790 matches found
CVE-2020-6489
CVE-2020-6489 corresponds to an inappropriately implemented behavior in Google Chrome’s developer tools prior to 83.0.4103.61. The issue is described as an implementation error in the developer tools component, enabling a remote attacker who tricks a user into performing certain actions on a craf...
CVE-2020-6482
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension...
CVE-2020-6482
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension...
CVE-2020-6471
CVE-2020-6471 concerns Google Chrome prior to 83.0.4103.61, where insufficient policy enforcement in the Developer Tools could allow a user-initiated extension to escape the sandbox. The vulnerability is attributed to a policy enforcement error in the Chromium developer tools component, potential...
CVE-2020-6472
CVE-2020-6472 affects Chromium-based browsers (e.g., Chrome/Chromium) through the developer tools policy enforcement component. Affected version lineage is before 83.0.4103.61, per multiple advisories. The vulnerability is a policy enforcement error in the developer tools that could allow an atta...
CVE-2020-6472
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted Chrome Extension...
CVE-2020-6469
CVE-2020-6469 concerns Google Chrome/Chromium's developer tools. The connected sources explicitly describe an "insufficient policy enforcement" issue in the developer tools before Chrome 83.0.4103.61, which could allow an attacker to persuade a user to install a malicious extension and potentiall...
CVE-2020-6489
Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page...
CVE-2020-6482
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension...
CVE-2020-6472
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory or disk via a crafted Chrome Extension...
Google Chrome Security Bypass Vulnerability (CNVD-2020-29306)
Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Developer Tools in versions prior to Google Chrome 83.0.4103.61, which stems from the program's failure to fully enforce policies. An attacker can exploit the vulnerability to bypass security...
Google Chrome Security Bypass Vulnerability (CNVD-2020-29228)
Google Chrome is a web browser from Google, an American company. A security vulnerability exists in the developer tools in Google Chrome versions prior to 83.0.4103.61. An attacker can exploit the vulnerability to bypass security restrictions with the help of a specially crafted website...
Google Chrome Security Bypass Vulnerability (CNVD-2020-29235)
Google Chrome is a web browser from Google, an American company. A security vulnerability exists in the developer tools in Google Chrome versions prior to 83.0.4103.61. An attacker can exploit the vulnerability to bypass security restrictions with the help of a specially crafted website...
Google Chrome Security Bypass Vulnerability (CNVD-2020-29309)
Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Developer Tools in versions prior to Google Chrome 83.0.4103.61, which stems from the program's failure to fully enforce policies. An attacker can exploit the vulnerability to bypass security...
Google Chrome Security Bypass Vulnerability (CNVD-2020-29307)
Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Developer Tools in versions prior to Google Chrome 83.0.4103.61, which stems from the program's failure to fully enforce policies. An attacker can exploit the vulnerability to bypass security...
CVE-2019-13023
An issue was discovered in all versions of Bond JetSelect. Within the JetSelect Application, the web interface hides RADIUS secrets, WPA passwords, and SNMP strings from 'non administrative' users using HTML 'password field' obfuscation. By using Developer tools or similar, it is possible to chan...
Hardcoded credentials
An issue was discovered in all versions of Bond JetSelect. Within the JetSelect Application, the web interface hides RADIUS secrets, WPA passwords, and SNMP strings from 'non administrative' users using HTML 'password field' obfuscation. By using Developer tools or similar, it is possible to chan...
CVE-2019-13023
An issue was discovered in all versions of Bond JetSelect. Within the JetSelect Application, the web interface hides RADIUS secrets, WPA passwords, and SNMP strings from 'non administrative' users using HTML 'password field' obfuscation. By using Developer tools or similar, it is possible to chan...
KLA11772 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in .NET Framework can be...
Mozilla: Arbitrary local file access with 'Copy as cURL'
The Mozilla Foundation Security Advisory describes this flaw as: The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, i...