Page 61 of 3370 results (0.011 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Inappropriate implementation in Internals in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to spoof the origin of an iframe via a crafted HTML page. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html https://crbug.com/1374518 •

CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0

Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted UI interaction. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html https://crbug.com/1404704 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

Inappropriate implementation in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html https://crbug.com/1404621 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Insufficient policy enforcement in Resource Timing in Google Chrome prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from API via a crafted Chrome Extension. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html https://crbug.com/1045681 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Insufficient policy enforcement in Resource Timing in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to obtain potentially sensitive information from API via a crafted HTML page. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html https://crbug.com/1346924 •