Lucene search
K

212 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:2 a.m.4 views

SUSE CVE-2020-6440

Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension...

4.3CVSS5.9AI score0.01153EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2023/02/15 3:35 a.m.4 views

SUSE CVE-2022-0109

Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page...

6.5CVSS6.6AI score0.01334EPSS
Exploits1References7
NVD
NVD
added 2023/02/07 9:15 p.m.26 views

CVE-2023-0700

Inappropriate implementation in Download in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00679EPSS
Exploits0References3
OSV
OSV
added 2023/01/10 8:15 p.m.16 views

CVE-2023-0133

Inappropriate implementation in in Permission prompts in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to bypass main origin permission delegation via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.2AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/01/10 8:15 p.m.30 views

CVE-2023-0133

Inappropriate implementation in in Permission prompts in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to bypass main origin permission delegation via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS6.9AI score0.00573EPSS
Exploits0References3
Prion
Prion
added 2023/01/10 8:15 p.m.21 views

Design/Logic Flaw

Inappropriate implementation in in Permission prompts in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to bypass main origin permission delegation via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6.2AI score0.00573EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2023/01/10 12:0 a.m.29 views

CVE-2023-0133

Inappropriate implementation in in Permission prompts in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to bypass main origin permission delegation via a crafted HTML page. Chromium security severity: Medium...

6.7AI score0.00573EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/01/02 12:0 a.m.19 views

CVE-2022-4025

Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data outside an iframe via a crafted HTML page. Chrome security severity: Low...

6.3AI score0.00458EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/12/22 5:52 p.m.26 views

CVE-2022-23541 jsonwebtoken's insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC

jsonwebtoken is an implementation of JSON Web Tokens. Versions = 8.5.1 of jsonwebtoken library can be misconfigured so that passing a poorly implemented key retrieval function referring to the secretOrPublicKey argument from the readme link will result in incorrect verification of tokens. There i...

5CVSS6.6AI score0.00753EPSS
Exploits0References4
Prion
Prion
added 2022/11/30 12:15 a.m.20 views

Design/Logic Flaw

Inappropriate implementation in Navigation in Google Chrome on iOS prior to 108.0.5359.71 allowed a remote attacker to spoof the contents of the modal dialogue via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS4.5AI score0.00752EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/11/28 12:0 a.m.27 views

CVE-2022-45939

GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags " command suggested in the ctags...

7.8CVSS7.8AI score0.0063EPSS
Exploits0References7
OSV
OSV
added 2022/11/09 7:15 p.m.34 views

CVE-2022-3447

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 106.0.5249.119 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...

4.3CVSS5AI score
Exploits0References3
UbuntuCve
UbuntuCve
added 2022/08/12 8:15 p.m.23 views

CVE-2022-2616

Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the Omnibox URL bar via a crafted Chrome Extension...

6.5CVSS6.9AI score0.00395EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2022/07/28 1:15 a.m.28 views

CVE-2022-2164

Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted HTML page...

6.3CVSS6.8AI score0.00545EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/07/27 9:17 p.m.26 views

CVE-2022-1862

Inappropriate implementation in Extensions in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass profile restrictions via a crafted HTML page...

7AI score0.00485EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2022/07/27 9:17 p.m.44 views

CVE-2022-1862

Inappropriate implementation in Extensions in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass profile restrictions via a crafted HTML page...

6.5CVSS7AI score0.00485EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2022/07/26 10:15 p.m.39 views

CVE-2022-1498

Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

4.3CVSS6.3AI score0.00708EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2022/07/26 10:15 p.m.34 views

CVE-2022-1501

Inappropriate implementation in iframe in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

6.5CVSS6.8AI score0.00738EPSS
Exploits1References1
AlpineLinux
AlpineLinux
added 2022/07/26 9:31 p.m.47 views

CVE-2022-1482

Inappropriate implementation in WebGL in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

6.5CVSS7.1AI score0.00775EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2022/07/25 2:15 p.m.24 views

CVE-2022-1307

Inappropriate implementation in full screen in Google Chrome on Android prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

4.3CVSS6.8AI score0.00611EPSS
Exploits1References1
Rows per page
Query Builder