NotCVE - vendor:"Google" product:"Chrome" version:"

Page 148 of 3368 results (0.008 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-5861 – chromium-browser: Click location incorrectly checked

https://notcve.org/view.php?id=CVE-2019-5861

12 Aug 2019 — Insufficient data validation in Blink in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to bypass anti-clickjacking policy via a crafted HTML page. Una comprobación de datos insuficiente en Blink en Google Chrome versiones anteriores a 76.0.3809.87, permitió a un atacante remoto omitir la política anti-clickjacking por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary ... • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-5862 – chromium-browser: AppCache not robust to compromised renderers

https://notcve.org/view.php?id=CVE-2019-5862

12 Aug 2019 — Insufficient data validation in AppCache in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Una comprobación de datos insuficiente en AppCache en Google Chrome versiones anteriores a 76.0.3809.87, permitió a un atacante remoto, que había comprometido el proceso del renderizador, omitir el aislamiento del sitio por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and... • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-5864 – chromium-browser: Insufficient port filtering in CORS for extensions

https://notcve.org/view.php?id=CVE-2019-5864

12 Aug 2019 — Insufficient data validation in CORS in Google Chrome prior to 76.0.3809.87 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. Una comprobación de datos insuficiente en CORS en Google Chrome versiones anteriores a 76.0.3809.87, permitió a un atacante, que convenció a un usuario para instalar una extensión maliciosa, omitir la política de seguridad de contenido por medio de una Extensión de Chrome diseñada. Multiple vuln... • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html • CWE-20: Improper Input Validation CWE-863: Incorrect Authorization •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-5865 – chromium-browser: Site isolation bypass from compromised renderer

https://notcve.org/view.php?id=CVE-2019-5865

12 Aug 2019 — Insufficient policy enforcement in navigations in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Una aplicación de política insuficiente en navigations en Google Chrome versiones anteriores a 76.0.3809.87, permitió a un atacante remoto, que había comprometido el proceso del renderizador, omitir el aislamiento del sitio por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Ch... • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop_30.html • CWE-862: Missing Authorization •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-5847 – chromium-browser: V8 sealed/frozen elements cause crash

https://notcve.org/view.php?id=CVE-2019-5847

29 Jul 2019 — Inappropriate implementation in JavaScript in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una implementación inapropiada en JavaScript en Google Chrome versiones anteriores a 75.0.3770.142, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers ... • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-5848 – chromium-browser: Font sizes may expose sensitive information

https://notcve.org/view.php?id=CVE-2019-5848

29 Jul 2019 — Incorrect font handling in autofill in Google Chrome prior to 75.0.3770.142 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. El manejo incorrecto de la fuente en autofill en Google Chrome versiones anteriores a 75.0.3770.142, permitió a un atacante remoto obtener información potencialmente confidencial de la memoria de proceso por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the wo... • https://chromereleases.googleblog.com/2019/07/stable-channel-update-for-desktop.html • CWE-312: Cleartext Storage of Sensitive Information •

CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2019-5834 – Debian Security Advisory 4500-1

https://notcve.org/view.php?id=CVE-2019-5834

27 Jun 2019 — Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to perform domain spoofing via a crafted HTML page. La insuficiente validación de datos en Blink en Google Chrome antes de 75.0.3770.80 permitió que un atacante remoto realizara una falsificación de dominio a través de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. Versions less tha... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html • CWE-346: Origin Validation Error •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-6177 – chromium-browser: Cross origin information leak in Blink

https://notcve.org/view.php?id=CVE-2018-6177

27 Jun 2019 — Information leak in media engine in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. La fuga de información en el motor de medios en Google Chrome antes de 68.0.3440.75 permitió a un atacante remoto filtrar datos de origen cruzado a través de una página HTML diseñada • https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

CVE-2019-5812 – Gentoo Linux Security Advisory 201908-18

https://notcve.org/view.php?id=CVE-2019-5812

27 Jun 2019 — Inadequate security UI in iOS UI in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to perform domain spoofing via a crafted HTML page. La IU de seguridad inadecuada en la IU de iOS en Google Chrome antes de 74.0.3729.108 permitió que un atacante remoto realizara una falsificación de dominio a través de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers to execute arbitrary code. Versions less than ... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html •

CVSS: 8.8EPSS: 1%CPEs: 7EXPL: 0

CVE-2019-5816 – Gentoo Linux Security Advisory 201908-18

https://notcve.org/view.php?id=CVE-2019-5816

27 Jun 2019 — Process lifetime issue in Chrome in Google Chrome on Android prior to 74.0.3729.108 allowed a remote attacker to potentially persist an exploited process via a crafted HTML page. El problema de la duración del proceso en Chrome en Google Chrome en Android antes de 74.0.3729.108 permitió que un atacante remoto pudiera persistir en un proceso explotado a través de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could allow remote attackers t... • http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html • CWE-664: Improper Control of a Resource Through its Lifetime •

1...146 147 148 149 150