12 matches found
EUVD-2021-8596
Malicious code in bioql PyPI...
DEBIAN-CVE-2022-3053
Inappropriate implementation in Pointer Lock in Google Chrome on Mac prior to 105.0.5195.52 allowed a remote attacker to restrict user navigation via a crafted HTML page...
CVE-2021-38015
CVE-2021-38015 affects the Chromium-based browser engine. The provided security advisories describe an inappropriate implementation in the input handling of Chromium (prior to 96.0.4664.45) that could allow a user-assisted attacker who persuades a user to install a malicious extension to bypass n...
CVE-2021-21205
Insufficient policy enforcement in navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...
Navigation Restriction Bypass
chromium is vulnerable to Navigation Restriction Bypass. Inappropriate implementation in iframe sandbox in Google Chrome allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...
PT-2020-14247
Name of the Vulnerable Software and Affected Versions Electron versions prior to 11.0.0-beta.1 Electron versions prior to 10.0.1 Electron versions prior to 9.3.0 Electron versions prior to 8.5.1 Description The will-navigate event can be bypassed when a sub-frame performs a top-frame navigation...
CVE-2020-6568
Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...
chromium-browser: Multiple download restriction bypass
Lack of proper state tracking in Permissions in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...
CVE-2014-1884
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass intended device-resource restrictions via content that is accessed 1 in an IFRAME element or 2 with the XMLHttpRequest...
Code injection
Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window...
CVE-2012-3965
Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window...
CVE-2012-3965
Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new window...