1945 matches found
UBUNTU-CVE-2023-0704
Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to bypass same origin policy and proxy settings via a crafted HTML page. Chromium security severity: Low...
KLA20220 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in Full screen mode can be exploited to cause denial of service...
CVE-2023-0704
Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to bypass same origin policy and proxy settings via a crafted HTML page. Chromium security severity: Low...
CVE-2023-0703
Type confusion in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. Chromium security severity: Medium...
CVE-2023-0703
CVE-2023-0703 is a Type Confusion vulnerability in Chrome/Chromium DevTools. A remote attacker could trigger heap corruption via UI interactions, requiring user participation, in Chrome versions prior to 110.0.5481.77. The issue is fixed in the Chrome 110 security release (and related Debian secu...
chromium -- multiple vulnerabilities
Chrome Releases reports: This release contains 15 security fixes, including: 1402270 High CVE-2023-0696: Type Confusion in V8. Reported by Haein Lee at KAIST Hacking Lab on 2022-12-18 1341541 High CVE-2023-0697: Inappropriate implementation in Full screen mode. Reported by Ahmed ElMasry on...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, Inc. in the United States. A security vulnerability exists in Google Chrome versions prior to 110.0.5481.77 that stems from a type confusion issue in DevTools. An attacker could exploit the vulnerability to cause heap corruption via UI interaction...
CVE-2023-0704
CVE-2023-0704 affects Google Chrome/Chromium DevTools. The issue is an insufficient policy enforcement flaw that allowed a remote attacker to bypass the same-origin policy and proxy settings via a crafted HTML page. Affected versions are prior to 110.0.5481.77. Chrome’s security fixes released in...
CVE-2023-0704
Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to bypass same origin policy and proxy settings via a crafted HTML page. Chromium security severity: Low...
CVE-2023-0703
Type confusion in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. Chromium security severity: Medium...
Stable Channel Update for Desktop
The Chrome team is delighted to announce the promotion of Chrome 110 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 110.0.5481.77/.78 for Windows, 110.0.5481.77 for Mac and Linux contains a number of fixes and improvements -- a list of...
Mozilla: Malicious command could be hidden in devtools output
The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...
Mozilla: Malicious command could be hidden in devtools output
The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...
Mozilla: Malicious command could be hidden in devtools output
The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...
Mozilla: Malicious command could be hidden in devtools output
The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...
Mozilla: Malicious command could be hidden in devtools output
The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...
Mozilla: Malicious command could be hidden in devtools output
The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...
Mozilla: Malicious command could be hidden in devtools output
The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...
thunderbird security update
An update is available for thunderbird. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. This updat...
Mozilla: Malicious command could be hidden in devtools output
The Mozilla Foundation Security Advisory describes this flaw as: When copying a network request from the developer tools panel as a curl command the output was not being properly sanitized and could allow arbitrary commands to be hidden within...