Page 290 of 2450 results (0.019 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-13682 – chromium-browser: Site isolation bypass

https://notcve.org/view.php?id=CVE-2019-13682

Insufficient policy enforcement in external protocol handling in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Una aplicación de política insuficiente en external protocol handling en Google Chrome versiones anteriores a 77.0.3865.75, permitió a un atacante remoto omitir la política del mismo origen por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html https://crbug.com/971917 https://access.redhat.com/security/cve/CVE-2019-13682 https://bugzilla.redhat.com/show_bug.cgi?id=1762402 • CWE-281: Improper Preservation of Permissions •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2019-13667 – chromium-browser: URI bar spoof when using external app URIs

https://notcve.org/view.php?id=CVE-2019-13667

Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Una implementación inapropiada en Omnibox en Google Chrome en iOS versiones anteriores a 77.0.3865.75, permitió a un atacante remoto falsificar el contenido del Omnibox (barra de URL) por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html https://crbug.com/973056 https://access.redhat.com/security/cve/CVE-2019-13667 https://bugzilla.redhat.com/show_bug.cgi?id=1762388 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-13679 – chromium-browser: User gesture needed for printing

https://notcve.org/view.php?id=CVE-2019-13679

Insufficient policy enforcement in PDFium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to show print dialogs via a crafted PDF file. Una aplicación de política insuficiente en PDFium en Google Chrome versiones anteriores a 77.0.3865.75, permitió a un atacante remoto mostrar cuadros de diálogo de impresión por medio de un archivo PDF diseñado. • https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop.html https://crbug.com/968914 https://access.redhat.com/security/cve/CVE-2019-13679 https://bugzilla.redhat.com/show_bug.cgi?id=1762399 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-13698 – Google Chromium RegExpReplace Type Confusion Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2019-13698

Out of bounds memory access in JavaScript in Google Chrome prior to 73.0.3683.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un acceso a la memoria fuera de límites en JavaScript en Google Chrome versiones anteriores a 73.0.3683.103, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Google Chromium. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of the JavaScript RegExp.replace method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. • https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop.html https://crbug.com/944971 • CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 0

CVE-2019-8075 – flash-plugin: Same origin policy bypass leading to information disclosure

https://notcve.org/view.php?id=CVE-2019-8075

Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user. Adobe Flash Player versión 32.0.0.192 y versiones anteriores, presentan una vulnerabilidad de Omisión de la Política del Mismo Origen. Su explotación con éxito podría conllevar a una divulgación de información en el contexto del usuario actual. • https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html https://crbug.com/945997 https://helpx.adobe.com/security/products/flash-player/apsb19-30.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AB2XOYF26EBHJEI6LXCBL32TGZM7UHQ4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S4XYJ7B6OXHZNYSA5J3DBUOFEC6WCAGW https://www.debian.org/security/2021/dsa-4824 https://access.redhat.com/security/cve/CVE •