19 results (0.008 seconds)

CVSS: -EPSS: 0%CPEs: 1EXPL: 0

Inappropriate implementation in Extensions in Google Chrome on Windows prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html https://issues.chromium.org/issues/40059470 •

CVSS: -EPSS: 0%CPEs: 1EXPL: 0

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html https://issues.chromium.org/issues/353858776 •

CVSS: -EPSS: 0%CPEs: 1EXPL: 0

Inappropriate implementation in WebApp Installs in Google Chrome on Windows prior to 128.0.6613.84 allowed an attacker who convinced a user to install a malicious application to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html https://issues.chromium.org/issues/350256139 •

CVSS: -EPSS: 0%CPEs: 1EXPL: 0

Inappropriate implementation in Views in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html https://issues.chromium.org/issues/40067456 •

CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0

Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a crafted symbolic link. (Chromium security severity: Medium) • https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html https://issues.chromium.org/issues/356328460 • CWE-20: Improper Input Validation •