CVE-2021-37990

CVE-2021-37990 describes an inappropriate implementation in the WebView component of the Chromium browser engine on Android prior to 95.0.4638.54. The issue allows a remote attacker to leak cross-origin data through a crafted Android app, i.e., data exfiltration from cross-origin contexts via Web...

openSUSE 15 Security Update : chromium (openSUSE-SU-2021:1396-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1396-1 advisory. - : Heap buffer overflow in Skia. CVE-2021-37981 - : Use after free in Incognito. CVE-2021-37982 - : Use after free in Dev Tools...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2021:1396-1 Rating: important References: 1191844 Cross-References: CVE-2021-37981 CVE-2021-37982 CVE-2021-37983 CVE-2021-37984 CVE-2021-37985 CVE-2021-37986 CVE-2021-37987 CVE-2021-37988 CVE-2021-37989...

Google Chrome Security Update (stable-channel-update-for-desktop_19-2021-10) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Chromium: CVE-2021-37990 Inappropriate implementation in WebView

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Google Chrome WebView improperly implemented vulnerability (CNVD-2021-84807)

Chrome is a web browsing tool developed by Google. versions prior to Google Chrome 95.0.4638.54 are vulnerable to a WebView misimplementation. An attacker could exploit this vulnerability to leak cross-domain data through a crafted application...

FreeBSD : chromium -- multiple vulnerabilities (bdaecfad-3117-11ec-b3b0-3065ec8fd3ec)

Chrome Releases reports : This release contains 19 security fixes, including : - 1246631 High CVE-2021-37981: Heap buffer overflow in Skia. Reported by Yangkang @dnpushme of 360 ATA on 2021-09-04 - 1248661 High CVE-2021-37982: Use after free in Incognito. Reported by Weipeng Jiang @Krace from...

Google Chrome 安全特征问题漏洞

Chrome is a web browsing tool developed by Google. versions prior to Google Chrome 95.0.4638.54 are vulnerable to a WebView misimplementation. An attacker could exploit this vulnerability to leak cross-domain data through a crafted application...

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 19 security fixes, including: 1246631 High CVE-2021-37981: Heap buffer overflow in Skia. Reported by Yangkang @dnpushme of 360 ATA on 2021-09-04 1248661 High CVE-2021-37982: Use after free in Incognito. Reported by Weipeng Jiang @Krace from Codesafe...

Basecamp: com.basecamp.bc3 Webview Javascript Injection and JS bridge takeover

It was identified that the android com.basecamp.bc3 application, contains a Webview where the loaded URLs are not sanitised properly. As this webview's functionality is extended via javascript interfaces and has the javascript enabled it is possible to inject arbitrary javascript code which will ...

CVE-2021-25463

Improper access control vulnerability in PENUP prior to version 3.8.00.18 allows arbitrary webpage loading in webview...

Improper access control

Improper access control vulnerability in PENUP prior to version 3.8.00.18 allows arbitrary webpage loading in webview...

CVE-2021-25463

Improper access control vulnerability in PENUP prior to version 3.8.00.18 allows arbitrary webpage loading in webview...

CVE-2021-25463

CVE-2021-25463 affects Samsung PENUP prior to version 3.8.00.18. The connected sources confirm an improper access control vulnerability that allows arbitrary webpage loading in the webview component. Impact is limited to the ability to load webpages within PENUP’s webview, with the CVSS details i...

PT-2021-16653 · Penup · Penup

Name of the Vulnerable Software and Affected Versions: PENUP versions prior to 3.8.00.18 Description: The issue is related to improper access control, allowing arbitrary webpage loading in webview. This could potentially lead to unauthorized access or malicious activities. Recommendations: For...

CVE-2021-25448

Improper access control vulnerability in Smart Touch Call prior to version 1.0.0.5 allows arbitrary webpage loading in webview...

CVE-2021-25446

Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause arbitrary webpage loading in webview...

Improper access control

Improper access control vulnerability in Smart Touch Call prior to version 1.0.0.5 allows arbitrary webpage loading in webview...

CVE-2021-25448

Improper access control vulnerability in Smart Touch Call prior to version 1.0.0.5 allows arbitrary webpage loading in webview...

CVE-2021-25447

The CVE concerns Samsung SmartThings. Affected product: SmartThings app (versions prior to 1.7.67.25). Root cause: improper access control allowing untrusted applications to perform local file inclusion in the WebView. Impact: local file inclusion in the app context (no vector details provided be...