1945 matches found
CVE-2022-4187
CVE-2022-4187 affects Google Chrome/DevTools on Windows prior to 108.0.5359.71, where insufficient policy enforcement in DevTools could allow a remote attacker to bypass filesystem restrictions via a crafted HTML page. The vulnerability is listed with a Chromium/Chrome Medium severity and is amon...
CVE-2022-4189
Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2022-4187
Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2022-4189
Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...
Google Chrome < 108.0.5359.71 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 108.0.5359.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 202211stable-channel-update-for-desktop29 advisory. - Use after free in Accessibility in Google Chrome prior to 108.0.5359.71...
GLSA-202210-16 : Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202210-16 Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to...
MAL-2022-6269 Malicious code in spring-boot-devtools (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 24c0313226e487a37c9158c78bc620c0306eb778d0aa789677c0c77811785295 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in spring-boot-devtools (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 24c0313226e487a37c9158c78bc620c0306eb778d0aa789677c0c77811785295 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-37609
Prototype pollution vulnerability in beautify-web js-beautify 1.13.7 via the name variable in options.js...
Debian DSA-5244-1 : chromium - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5244 advisory. - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install...
GLSA-202209-23 : Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202209-23 Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities - Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted...
Google Chrome Input Validation Error Vulnerability (CNVD-2022-81241)
Google Chrome is a web browser from Google, an American company. An input validation error vulnerability exists in the DevTools component of Google Chrome versions prior to 105.0.5195.125. An attacker can exploit this vulnerability to convince users to install a malicious extension that bypasses...
Google Chrome < 106.0.5249.61 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 106.0.5249.61. It is, therefore, affected by multiple vulnerabilities as referenced in the 202209stable-channel-update-for-desktop27 advisory. - Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prior ...
Google Chrome < 106.0.5249.61 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 106.0.5249.61. It is, therefore, affected by multiple vulnerabilities as referenced in the 202209stable-channel-update-for-desktop27 advisory. - Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prio...
FreeBSD : chromium -- multiple vulnerabilities (18529cb0-3e9c-11ed-9bc7-3065ec8fd3ec)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 18529cb0-3e9c-11ed-9bc7-3065ec8fd3ec advisory. - Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior t...
PT-2022-6772 · Google +1 · Google Chrome +1
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 106.0.5249.62 Description: The issue is related to insufficient data validation in DevTools, allowing a remote attacker to bypass content security policy via a crafted HTML page. This could potentially impact a...
openSUSE 15 Security Update : opera (openSUSE-SU-2022:10130-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10130-1 advisory. - Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a...
DEBIAN-CVE-2022-3201
Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...
CVE-2022-3201
Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...
CVE-2022-3054
Insufficient policy enforcement in DevTools in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...