26 matches found
EUVD-2026-40605
Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-12017
Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
CVE-2026-11190
Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2025-12431
Inappropriate implementation in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: High...
EUVD-2010-1871
Malware in sbrugna...
EUVD-2020-27658
Malware in sbrugna...
EUVD-2013-0935
Malware in sbrugna...
EUVD-2019-5125
Malware in sbrugna...
EUVD-2020-8006
Malware in sbrugna...
EUVD-2020-27703
Malware in sbrugna...
EUVD-2022-52167
Malicious code in bioql PyPI...
EUVD-2023-27449
Malicious code in bioql PyPI...
EUVD-2023-24015
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-6179
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient enforcement of file access permission in the activeTab case in Extensions in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced ...
CVE-2025-3069
Inappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...
CVE-2023-23349
Kaspersky has fixed a security issue in Kaspersky Password Manager KPM for Windows that allowed a local user to recover the auto-filled credentials from a memory dump when the KPM extension for Google Chrome is used. To exploit the issue, an attacker must trick a user into visiting a login form o...
CVE-2023-23349
CVE-2023-23349 concerns Kaspersky Password Manager (KPM) for Windows, specifically when using the Google Chrome extension. A local attacker can potentially recover auto-filled credentials from a memory dump after the extension autofills them on a login form. Exploitation requires the user to be t...
DEBIAN-CVE-2024-0811
Inappropriate implementation in Extensions API in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Low...
SUSE CVE-2023-5187
Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Input validation
Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: Medium...