26 matches found
Astra Linux – Vulnerability in Chromium
The use of “after free” in the Reading Mode in Google Chrome before version 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through specific UI interactions. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
Before version 121.0.6167.85, using free after in WebRTC in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Insufficient data validation in DevTools in Google Chrome prior to 121.0.6167.85 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
The incorrect security UI in Payments in Google Chrome prior to version 121.0.6167.85 allowed a remote attacker to potentially spoof the security UI through a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
Insufficient policy enforcement in DevTools in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in Autofill in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. Chromium security severity: Low...
Astra Linux – Vulnerability in Chromium
Insufficient policy enforcement in the iOS Security UI of Google Chrome prior to version 121.0.6167.85 allowed a remote attacker to leak cross-origin data through a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Medium...
Google Chrome Security Bypass Vulnerability (CNVD-2024-10261)
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome version 121.0.6167.85 and earlier versions, which stems from an incorrect security user interface in the Payments module. An attacker can exploit this vulnerability to bypass...
SUSE CVE-2024-0805
Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Medium...
SUSE CVE-2024-0809
Inappropriate implementation in Autofill in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. Chromium security severity: Low...
SUSE CVE-2024-0811
Inappropriate implementation in Extensions API in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Low...
DEBIAN-CVE-2024-0811
Inappropriate implementation in Extensions API in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Low...
DEBIAN-CVE-2024-0809
Inappropriate implementation in Autofill in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2024-0813
Use after free in Reading Mode in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. Chromium security severity: Medium...
DEBIAN-CVE-2024-0808
Integer underflow in WebUI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a malicious file. Chromium security severity: High...
DEBIAN-CVE-2024-0806
Use after free in Passwords in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction. Chromium security severity: Medium...
DEBIAN-CVE-2024-0805
Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Medium...
PT-2024-5214 · Google +4 · Google Chrome +4
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 121.0.6167.85 Description: The issue is related to a Use After Free in WebRTC, allowing a remote attacker to potentially exploit heap corruption via a crafted HTML page. The severity of this issue is considered...
CVE-2024-0805
Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Medium...