Lucene search
K

15 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:29 a.m.2 views

SUSE CVE-2014-3170

extensions/common/urlpattern.cc in Google Chrome before 37.0.2062.94 does not prevent use of a '\0' character in a host name, which allows remote attackers to spoof the extension permission dialog by relying on truncation after this character...

6.4CVSS9AI score0.0188EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/12/17 4:24 p.m.3 views

Mozilla: The proxy.onRequest API did not catch view-source URLs

The Mozilla Foundation Security Advisory describes this flaw as: When an extension with the proxy permission registered to receive , the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have...

4.3CVSS7.3AI score0.01172EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/12/17 3:12 p.m.4 views

Mozilla: The proxy.onRequest API did not catch view-source URLs

The Mozilla Foundation Security Advisory describes this flaw as: When an extension with the proxy permission registered to receive , the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have...

4.3CVSS7.3AI score0.01172EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2020/12/16 7:57 a.m.2 views

Mozilla: The proxy.onRequest API did not catch view-source URLs

The Mozilla Foundation Security Advisory describes this flaw as: When an extension with the proxy permission registered to receive , the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have...

4.3CVSS7.3AI score0.01172EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/11/06 4:43 p.m.5 views

chromium-browser: Extension permission bypass

Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension...

4.3CVSS7.4AI score0.00584EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/11/04 12:0 a.m.46 views

openSUSE Security Update : chromium / re2 (openSUSE-2019-2420)

This update for chromium, re2 fixes the following issues : Chromium was updated to 78.0.3904.70 boo1154806 : - CVE-2019-13699: Use-after-free in media - CVE-2019-13700: Buffer overrun in Blink - CVE-2019-13701: URL spoof in navigation - CVE-2019-13702: Privilege elevation in Installer -...

8.8CVSS7.2AI score0.06643EPSS
Exploits1References22
OPENSUSE Linux
OPENSUSE Linux
added 2019/11/03 12:0 a.m.144 views

Security update for chromium, re2 (important)

openSUSE Security Update: Security update for chromium, re2 Announcement ID: openSUSE-SU-2019:2425-1 Rating: important References: 1154806 Cross-References: CVE-2019-13699 CVE-2019-13700 CVE-2019-13701 CVE-2019-13702 CVE-2019-13703 CVE-2019-13704 CVE-2019-13705 CVE-2019-13706 CVE-2019-13707...

8.8CVSS8AI score0.06643EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2019/11/02 12:0 a.m.199 views

Security update for chromium, re2 (important)

openSUSE Security Update: Security update for chromium, re2 Announcement ID: openSUSE-SU-2019:2420-1 Rating: important References: 1154806 Cross-References: CVE-2019-13699 CVE-2019-13700 CVE-2019-13701 CVE-2019-13702 CVE-2019-13703 CVE-2019-13704 CVE-2019-13705 CVE-2019-13706 CVE-2019-13707...

8.8CVSS8AI score0.06643EPSS
Exploits1References1
Kaspersky
Kaspersky
added 2019/10/30 12:0 a.m.50 views

KLA11714 Multiple vulnerabilities in Opera

Multiple vulnerabilities were found in Opera Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, cause denial of service. Below is a complete list of vulnerabilities: 1. Cross-origin data leak vulnerability can be exploited to arbitrary code executio...

8.8CVSS9.3AI score0.06643EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2019/10/24 12:0 a.m.44 views

Google Chrome Security Updates (stable-channel-update-for-desktop_22-2019-10) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

8.8CVSS6.9AI score0.06643EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2019/10/24 12:0 a.m.36 views

Google Chrome Security Updates (stable-channel-update-for-desktop_22-2019-10) - Mac OS X

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

8.8CVSS6.9AI score0.06643EPSS
Exploits1References1
CVE
CVE
added 2019/02/19 5:0 p.m.261 views

CVE-2019-5778

CVE-2019-5778 affects Google Chrome/Chromium extensions. The available description states a missing case in handling special schemes during permission request checks in Extensions, allowing bypass of extension permission checks for privileged pages via a crafted Chrome Extension (pre 72.0.3626.81...

6.5CVSS5.9AI score0.01014EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/09/23 12:0 a.m.31 views

openSUSE Security Update : chromium (openSUSE-SU-2014:1151-1)

Chromium was updated to 37.0.2062.94 containing security Fixes bnc893720. A full list of changes is available in the log : https://chromium.googlesource.com/chromium/src/+log/36.0.1985.0..37.0. 2062.0?pretty=full This update includes 50 security fixes. Below, we highlight fixes that were either...

10CVSS8.9AI score0.09758EPSS
Exploits0References13
CVE
CVE
added 2014/08/27 1:0 a.m.64 views

CVE-2014-3170

CVE-2014-3170 affects Google Chrome/Chromium prior to version 37.0.2062.94, where extensions/common/url_pattern.cc fails to prevent a '\0' character in a host name. This allows an attacker to spoof the extension permission dialog by truncation after the null character. Debian and openSUSE advisor...

6.4CVSS5.9AI score0.0188EPSS
Exploits0References11Affected Software1
Debian CVE
Debian CVE
added 2014/08/27 1:0 a.m.23 views

CVE-2014-3170

Removed by vendor...

6.4CVSS9.4AI score0.0188EPSS
Exploits0
Rows per page
Query Builder