Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-14130

Malware in sbrugna...

6.1CVSS7.8AI score0.02067EPSS
Exploits0References13
UbuntuCve
UbuntuCve
added 2022/07/23 12:15 a.m.30 views

CVE-2022-1136

Use after free in Tab Strip in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific set of user gestures...

8.8CVSS6.9AI score0.0052EPSS
Exploits1References1
Prion
Prion
added 2022/04/05 12:15 a.m.25 views

Design/Logic Flaw

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

6.8CVSS8.8AI score0.0058EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2021/06/04 6:15 p.m.28 views

CVE-2021-30520

Use after free in Tab Strip in Google Chrome prior to 90.0.4430.212 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.2AI score0.00881EPSS
Exploits1References1
NVD
NVD
added 2021/02/09 3:15 p.m.19 views

CVE-2021-21143

Heap buffer overflow in Extensions in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension...

8.8CVSS0.0082EPSS
Exploits0References5
OSV
OSV
added 2020/08/28 2:46 p.m.6 views

MGASA-2020-0352 Updated thunderbird packages fix security vulnerabilities

By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious...

8.8CVSS7.7AI score0.01378EPSS
Exploits0References4
Prion
Prion
added 2020/06/03 11:15 p.m.24 views

Design/Logic Flaw

Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension...

4.3CVSS7.1AI score0.01073EPSS
Exploits0References6Affected Software4
OSV
OSV
added 2018/06/11 9:29 p.m.3 views

CVE-2017-5389

WebExtensions could use the "mozAddonManager" API by modifying the CSP headers on sites with the appropriate permissions and then using host requests to redirect script loads to a malicious site. This allows a malicious extension to then install additional extensions without explicit user...

6.1CVSS6.9AI score0.00934EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2017/03/02 12:0 a.m.7 views

The vulnerability of Google Chrome allows a hacker to install a malicious extension.

The vulnerability of Google Chrome’s DevTools URLs component is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to install a malicious extension and gain access to file readings through a specially crafted HTML page...

4.3CVSS7AI score0.01494EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder