82 matches found
DEBIAN-CVE-2024-12692
Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Use After Free
chromium is vulnerable to Use After Free.The vulnerability is due to improper handling of memory objects, potentially leading to heap corruption when processing a crafted HTML page...
CVE-2024-1676
Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to spoof security UI via a crafted HTML page. Chromium security severity: Low...
CVE-2023-5486
Inappropriate implementation in Input in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. Chromium security severity: Low...
CVE-2023-4764
Incorrect security UI in BFCache in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...
CVE-2023-3734
Inappropriate implementation in Picture In Picture in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...
CVE-2023-3733
CVE-2023-3733 affects Google Chrome/Chromium: Inappropriate implementation in WebApp Installs can allow a crafted HTML page to spoof the Omnibox contents. The issue is fixed in Chrome/Chromium around 115.0.5790.98 (and later, e.g., 115.0.5790.99 per update notes); Debian and other advisories conf...
Authentication Bypass
Google Chrome is vulnerable to Authentication Bypass. The vulnerability exists due to the inappropriate implementation in FedCM, which allows an attacker to bypass navigation restrictions via a crafted HTML page...
Authentication Bypass
Google Chrome is vulnerable to Authentication Bypass. The vulnerability exists due to the insufficient policy enforcement in Navigation, which allows an attacker bypass same origin policy via a crafted HTML page...
CVE-2023-0131
Inappropriate implementation in in iframe Sandbox in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to bypass file download restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2022-3447
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 106.0.5249.119 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...
CVE-2022-3053
Inappropriate implementation in Pointer Lock in Google Chrome on Mac prior to 105.0.5195.52 allowed a remote attacker to restrict user navigation via a crafted HTML page...
CVE-2022-3053
CVE-2022-3053 corresponds to an “Inappropriate implementation in Pointer Lock” in Google Chrome on macOS prior to 105.0.5195.52, enabling a remote attacker to restrict user navigation via a crafted HTML page. The connected documents confirm this vulnerability in Chromium/Chrome with affected vers...
CVE-2022-3053
Inappropriate implementation in Pointer Lock in Google Chrome on Mac prior to 105.0.5195.52 allowed a remote attacker to restrict user navigation via a crafted HTML page...
CVE-2022-2399
Use after free in WebGPU in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-2294
Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-2011
Use after free in ANGLE in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-2157
Use after free in Interest groups in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-2157
Use after free in Interest groups in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page...
CVE-2022-1497
Inappropriate implementation in Input in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to spoof the contents of cross-origin websites via a crafted HTML page...