61 matches found
Astra Linux – Vulnerability in Chromium
In the Managed Devices API of Google Chrome, before version 104.0.5112.79, a remote attacker who convinced a user to enable a specific Enterprise policy could potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Insufficient policy enforcement in downloads within Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass enterprise policy restrictions through a malicious download. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
Insufficient policy enforcement in the Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy through a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in the Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy through a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
Insufficient policy enforcement in the Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy through a crafted HTML page. Chromium security severity: Medium...
Epmm + Sentry Not Affected by Cve-2026-4408 or Cve-2026-4480
Last Modified Date Jun 5, 2026 4:45:08 PM...
CVE-2026-5901
Insufficient policy enforcement in DevTools in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to bypass enterprise host restrictions for cookie modification via a crafted Chrome Extension. Chromium security severity: Low...
CVE-2023-39335
A security vulnerability has been identified in EPMM Versions 11.10, 11.9 and 11.8 and older allowing an unauthenticated threat actor to impersonate any existing user during the device enrollment process. This issue poses a significant security risk, as it enables unauthorized access and potentia...
Fedora 39 : chromium (2023-0b39dc9302)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-0b39dc9302 advisory. update to 118.0.5993.117. Security release for CVE-2023-5472 ---- Update to 118.0.5993.88 ---- Update to 118.0.5993.70. Include following security...
Improper Authorization
chromium is vulnerable to Improper Authorization. The vulnerability allows an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page...
CVE-2023-5479
Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2023-5479
Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2023-5479
Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. Chromium security severity: Medium...
Code injection
Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2023-5479
Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2023-5479
CVE-2023-5479 corresponds to an insufficiently secure Extensions API in Google Chrome/Chromium before 118.0.5993.70, enabling a user-assisted bypass of enterprise policy via a crafted HTML page if a malicious extension is installed. Public details across connected documents confirm the affected c...
CVE-2023-5479
Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2023-5479
Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2023-5479
Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. Chromium security severity: Medium...
PT-2023-6119 · Microsoft +5 · Edge +5
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 118.0.5993.70 Microsoft Edge affected versions not specified Description: The issue is related to an inappropriate implementation in the Extensions API, allowing an attacker to bypass an enterprise policy via a...