Astra Linux - уязвимость в chromium

Before version 91.0.4472.114, using "After Free" in Google Chrome allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page and user gestures...

Astra Linux - уязвимость в chromium

Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to open DevTools to potentially exploit heap corruption via specific user gesture...

CVE-2026-5899

Insufficient policy enforcement in History Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

CVE-2025-13636

Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. Chromium security severity: Low...

PT-2025-48761

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 143.0.7499.41 Description An improper implementation in the Split View feature allowed a remote attacker to perform UI spoofing. The attacker needed to convince a user to perform specific UI gestures with a...

CVE-2025-12446

Incorrect security UI in SplitView in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. Chromium security severity: Low...

EUVD-2013-0900

Malware in sbrugna...

EUVD-2021-17487

Malware in sbrugna...

EUVD-2021-17476

Malware in sbrugna...

EUVD-2017-14130

Malware in sbrugna...

EUVD-2022-15320

Malicious code in bioql PyPI...

SUSE CVE-2025-0446

Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Low...

SUSE CVE-2024-6999

Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

PT-2024-3638 · Google +4 · Google Chrome +4

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 125.0.6422.60 Description: The issue is related to an inappropriate implementation in the Downloads component of Google Chrome, which allowed a remote attacker to perform UI spoofing via a crafted HTML page. Th...

PT-2024-3928 · Google +6 · Google Chrome +6

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 125.0.6422.141 Microsoft Edge affected versions not specified Description: The issue is related to an out of bounds memory access in the Browser UI, specifically in the Keyboard Inputs component, which could...

SUSE CVE-2013-0889

Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does not properly enforce a user gesture requirement before proceeding with a file download, which might make it easier for remote attackers to execute arbitrary code via a crafted file...

SUSE CVE-2013-0888

Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service out-of-bounds read via vectors related to a "user gesture check for dangerous file downloads."...

SUSE CVE-2022-0101

Heap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via specific user gesture...

SUSE CVE-2022-1141

Use after free in File Manager in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user gesture...

Google Chrome Bug Lets Sites Silently Overwrite System Clipboard Content

A "major" security issue in the Google Chrome web browser, as well as Chromium-based alternatives, could allow malicious web pages to automatically overwrite clipboard content without requiring any user consent or interaction by simply visiting them. The clipboard poisoning attack is said to have...