15 matches found
SUSE CVE-2014-3170
extensions/common/urlpattern.cc in Google Chrome before 37.0.2062.94 does not prevent use of a '\0' character in a host name, which allows remote attackers to spoof the extension permission dialog by relying on truncation after this character...
Mozilla: The proxy.onRequest API did not catch view-source URLs
The Mozilla Foundation Security Advisory describes this flaw as: When an extension with the proxy permission registered to receive , the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have...
Mozilla: The proxy.onRequest API did not catch view-source URLs
The Mozilla Foundation Security Advisory describes this flaw as: When an extension with the proxy permission registered to receive , the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have...
Mozilla: The proxy.onRequest API did not catch view-source URLs
The Mozilla Foundation Security Advisory describes this flaw as: When an extension with the proxy permission registered to receive , the proxy.onRequest callback was not triggered for view-source URLs. While web content cannot navigate to such URLs, a user opening View Source could have...
chromium-browser: Extension permission bypass
Insufficient policy enforcement in extensions in Google Chrome prior to 78.0.3904.70 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension...
openSUSE Security Update : chromium / re2 (openSUSE-2019-2420)
This update for chromium, re2 fixes the following issues : Chromium was updated to 78.0.3904.70 boo1154806 : - CVE-2019-13699: Use-after-free in media - CVE-2019-13700: Buffer overrun in Blink - CVE-2019-13701: URL spoof in navigation - CVE-2019-13702: Privilege elevation in Installer -...
Security update for chromium, re2 (important)
openSUSE Security Update: Security update for chromium, re2 Announcement ID: openSUSE-SU-2019:2425-1 Rating: important References: 1154806 Cross-References: CVE-2019-13699 CVE-2019-13700 CVE-2019-13701 CVE-2019-13702 CVE-2019-13703 CVE-2019-13704 CVE-2019-13705 CVE-2019-13706 CVE-2019-13707...
Security update for chromium, re2 (important)
openSUSE Security Update: Security update for chromium, re2 Announcement ID: openSUSE-SU-2019:2420-1 Rating: important References: 1154806 Cross-References: CVE-2019-13699 CVE-2019-13700 CVE-2019-13701 CVE-2019-13702 CVE-2019-13703 CVE-2019-13704 CVE-2019-13705 CVE-2019-13706 CVE-2019-13707...
KLA11714 Multiple vulnerabilities in Opera
Multiple vulnerabilities were found in Opera Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, cause denial of service. Below is a complete list of vulnerabilities: 1. Cross-origin data leak vulnerability can be exploited to arbitrary code executio...
Google Chrome Security Updates (stable-channel-update-for-desktop_22-2019-10) - Linux
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Google Chrome Security Updates (stable-channel-update-for-desktop_22-2019-10) - Mac OS X
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
CVE-2019-5778
CVE-2019-5778 affects Google Chrome/Chromium extensions. The available description states a missing case in handling special schemes during permission request checks in Extensions, allowing bypass of extension permission checks for privileged pages via a crafted Chrome Extension (pre 72.0.3626.81...
openSUSE Security Update : chromium (openSUSE-SU-2014:1151-1)
Chromium was updated to 37.0.2062.94 containing security Fixes bnc893720. A full list of changes is available in the log : https://chromium.googlesource.com/chromium/src/+log/36.0.1985.0..37.0. 2062.0?pretty=full This update includes 50 security fixes. Below, we highlight fixes that were either...
CVE-2014-3170
CVE-2014-3170 affects Google Chrome/Chromium prior to version 37.0.2062.94, where extensions/common/url_pattern.cc fails to prevent a '\0' character in a host name. This allows an attacker to spoof the extension permission dialog by truncation after the null character. Debian and openSUSE advisor...
CVE-2014-3170
Removed by vendor...