Astra Linux - уязвимость в chromium

Inappropriate implementation in the Sign-In process in Google Chrome prior to version 1.3.36.351 allowed a remote attacker to bypass navigation restrictions through a crafted HTML page. Chromium security severity: Medium...

EUVD-2021-24470

Malware in sbrugna...

ROS-20240726-07

A vulnerability in the Sign-In component of the Google Chrome browser is related to the ability to bypass navigation restrictions using a specially crafted HTML page. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute cross-site scripted attacks...

CVE-2024-41801 OpenProject packaged installation has Open Redirect Vulnerability in Sign-In in default configuration

OpenProject is open source project management software. Prior to version 14.3.0, using a forged HOST header in the default configuration of packaged installations and using the "Login required" setting, an attacker could redirect to a remote host to initiate a phishing attack against an OpenProje...

CVE-2024-5500

Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-5500

Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-5500

Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-5500

Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2024-5500

Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-43319

Cross Site Scripting XSS vulnerability in the Sign-In page of IceWarp WebClient 10.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter...

CVE-2023-35948 Novu Open Redirect Vulnerability in Sign-In with GitHub Functionality

Novu provides an API for sending notifications through multiple channels. Versions prior to 0.16.0 contain an open redirect vulnerability in the "Sign In with GitHub" functionality of Novu's open-source repository. It could have allowed an attacker to force a victim into opening a malicious URL a...

WordPress Kero jQuery/HTML Dashboard PRO 2.3.86 SQL Injection

==================================================================================================================================== | Title : WordPress - Kero jQuery/HTML Dashboard PRO Auth BY pass Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla...

Google Introduces Passwordless Secure Sign-In with Passkeys for Google Accounts

Almost five months after Google added support for passkeys to its Chrome browser, the tech giant has begun rolling out the passwordless solution across Google Accounts on all platforms. Passkeys, backed by the FIDO Alliance, are a more secure way to sign in to apps and websites without having to...

Chromium: CVE-2022-4191 Use after free in Sign-In

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2022-4191

Use after free in Sign-In in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via profile destruction. Chromium security severity: Medium...

CVE-2022-4191

Use after free in Sign-In in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via profile destruction. Chromium security severity: Medium...

CVE-2022-4191

CVE-2022-4191 affects Google Chrome/Chromium Sign-In. Root cause: use-after-free leading to potential heap corruption on profile destruction. Vulnerable upstream builds prior to 108.0.5359.71; fixed in Chrome 108.0.5359.71 (and the corresponding Debian package update 108.0.5359.71-2~deb11u1). Exp...

Google Chrome < 108.0.5359.71 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 108.0.5359.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 202211stable-channel-update-for-desktop29 advisory. - Use after free in Accessibility in Google Chrome prior to 108.0.5359.71...

CVE-2022-4191

Use after free in Sign-In in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via profile destruction. Chromium security severity: Medium...

CVE-2022-4191

Use after free in Sign-In in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via profile destruction. Chromium security severity: Medium...