290 matches found
Google Chrome < 92.0.4515.159 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 92.0.4515.159. It is, therefore, affected by multiple vulnerabilities as referenced in the 202108stable-channel-update-for-desktop advisory. - Use after free in ANGLE in Google Chrome prior to 92.0.4515.159 allowed a...
Microsoft Edge 资源管理错误漏洞
Chrome is a web browsing tool developed by Google. A post-release reuse vulnerability exists in the Extensions API in versions of Google Chrome prior to 92.0.4515.159. An attacker could exploit this vulnerability to potentially cause heap corruption via a crafted HTML page...
Google Chrome < 92.0.4515.159 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 92.0.4515.159. It is, therefore, affected by multiple vulnerabilities as referenced in the 202108stable-channel-update-for-desktop advisory. - Use after free in ANGLE in Google Chrome prior to 92.0.4515.159 allowed a remo...
chromium -- multiple vulnerabilities
Chrome Releases reports: This release contains 9 security fixes, including: 1234764 High CVE-2021-30598: Type Confusion in V8. Reported by Manfred Paul on 2021-07-30 1234770 High CVE-2021-30599: Type Confusion in V8. Reported by Manfred Paul on 2021-07-30 1231134 High CVE-2021-30600: Use after fr...
Google Chrome Security Bypass Vulnerability (CNVD-2019-22832)
Google Chrome is a web browser from Google, an American company. A security vulnerability exists in the Extensions API in versions of Google Chrome prior to 68.0.3440.75, which stems from the program failing to adequately validate data. An attacker can exploit the vulnerability to bypass navigati...
CVE-2018-6176
Insufficient file type enforcement in Extensions API in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted Chrome Extension...
CVE-2018-6176
Insufficient file type enforcement in Extensions API in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted Chrome Extension...
CVE-2018-6138
Insufficient policy enforcement in Extensions API in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension...
CVE-2018-6138
Insufficient policy enforcement in Extensions API in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension...
CVE-2018-16064
Insufficient data validation in Extensions API in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension...
CVE-2018-16064
Insufficient data validation in Extensions API in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension...
CVE-2019-5838
Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension...
Authorization
Insufficient file type enforcement in Extensions API in Google Chrome prior to 68.0.3440.75 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted Chrome Extension...
UBUNTU-CVE-2018-6138
Insufficient policy enforcement in Extensions API in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension...
Input validation
Insufficient data validation in Extensions API in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension...
Code injection
Insufficient policy enforcement in Extensions API in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension...
CVE-2018-6138
Insufficient policy enforcement in Extensions API in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension...
UBUNTU-CVE-2018-16086
Insufficient policy enforcement in extensions API in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension...
CVE-2019-5838
CVE-2019-5838 : Insufficient policy enforcement in Chrome extensions API allowed a user-went-through-a-malicious-extension attack to bypass file URI restrictions. Affected: Google Chrome/Chromium prior to 75.0.3770.80. Impact is that a crafted extension could enable access to file URIs that shoul...
CVE-2019-5838
Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension...