UBUNTU-CVE-2022-4188

Insufficient validation of untrusted input in CORS in Google Chrome on Android prior to 108.0.5359.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 102.4ESR) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF16 - 2022.4.0

Summary Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2022-42932, CVE-2022-40956, CVE-2022-42928, CVE-2022-42929, CVE-2022-42927, CVE-2022-40962, CVE-2022-40958, CVE-2022-40960, CVE-2022-40957, CVE-2022-40959 Vulnerability Details CVEID:CVE-2022-42932 DESCRIPTION:...

CVE-2022-4188

Insufficient validation of untrusted input in CORS in Google Chrome on Android prior to 108.0.5359.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

CVE-2022-4188

CVE-2022-4188 affects Google Chrome on Android before 108.0.5359.71, due to insufficient validation of untrusted input in CORS. This allowed a remote attacker to bypass the same-origin policy via a crafted HTML page. The issue is categorized as Medium severity (CVSS 3.1: 4.3). A fix was released ...

CVE-2022-4188

Insufficient validation of untrusted input in CORS in Google Chrome on Android prior to 108.0.5359.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

SUSE SLED15 / SLES15 Security Update : MozillaThunderbird (SUSE-SU-2022:4085-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4085-1 advisory. - A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result ...

CSRF on SSL certificates deletion

📜 Description Cross-site request forgery also known as CSRF is a web security vulnerability that allows an attacker to induce users to perform actions that they do not intend to perform using form submissions. It allows an attacker to partly circumvent the same origin policy, which is designed to...

Denial Of Service (DoS)

firefox is vulnerable to denial of service. The vulnerability exists because same-origin policy violation which allows to an attacker to cause application crashes by providing a maliciously crafted input to the librarys...

DEBIAN-CVE-2022-3310

Insufficient policy enforcement in custom tabs in Google Chrome on Android prior to 106.0.5249.62 allowed an attacker who convinced the user to install an application to bypass same origin policy via a crafted application. Chromium security severity: Medium...

CVE-2022-3310

Insufficient policy enforcement in custom tabs in Google Chrome on Android prior to 106.0.5249.62 allowed an attacker who convinced the user to install an application to bypass same origin policy via a crafted application. Chromium security severity: Medium...

CVE-2022-3310

Insufficient policy enforcement in custom tabs in Google Chrome on Android prior to 106.0.5249.62 allowed an attacker who convinced the user to install an application to bypass same origin policy via a crafted application. Chromium security severity: Medium...

Design/Logic Flaw

Insufficient policy enforcement in custom tabs in Google Chrome on Android prior to 106.0.5249.62 allowed an attacker who convinced the user to install an application to bypass same origin policy via a crafted application. Chromium security severity: Medium...

CVE-2022-3310

Insufficient policy enforcement in custom tabs in Google Chrome on Android prior to 106.0.5249.62 allowed an attacker who convinced the user to install an application to bypass same origin policy via a crafted application. Chromium security severity: Medium...

UBUNTU-CVE-2022-3310

Insufficient policy enforcement in custom tabs in Google Chrome on Android prior to 106.0.5249.62 allowed an attacker who convinced the user to install an application to bypass same origin policy via a crafted application. Chromium security severity: Medium...

CVE-2022-3310

Insufficient policy enforcement in custom tabs in Google Chrome on Android prior to 106.0.5249.62 allowed an attacker who convinced the user to install an application to bypass same origin policy via a crafted application. Chromium security severity: Medium...

CVE-2022-3310

CVE-2022-3310 : Affects Google Chrome/Chromium. The issue is described as insufficient policy enforcement in Custom Tabs, enabling a crafted app installed by the user to bypass the same-origin policy. Root cause: policy enforcement gap in Custom Tabs. Impact stated across sources includes potenti...

CVE-2022-3310

Insufficient policy enforcement in custom tabs in Google Chrome on Android prior to 106.0.5249.62 allowed an attacker who convinced the user to install an application to bypass same origin policy via a crafted application. Chromium security severity: Medium...

Debian DSA-5262-1 : thunderbird - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5262 advisory. - A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via performance.getEntries...

CVE-2022-42927

A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via performance.getEntries. This vulnerability affects Firefox 106, Firefox ESR 102.4, and Thunderbird 102.4...

UBUNTU-CVE-2022-42927

A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking the result of a redirect, via performance.getEntries. This vulnerability affects Firefox 106, Firefox ESR 102.4, and Thunderbird 102.4...