Search CVE reports
281 – 290 of 28510 results
Insufficient validation of untrusted input in Storage Access API in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML...
1 affected package
chromium-browser
| Package | 26.04 LTS |
|---|---|
| chromium-browser | Not affected |
Inappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
1 affected package
chromium-browser
| Package | 26.04 LTS |
|---|---|
| chromium-browser | Not affected |
Inappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
1 affected package
chromium-browser
| Package | 26.04 LTS |
|---|---|
| chromium-browser | Not affected |
Insufficient policy enforcement in Content Settings in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Low)
1 affected package
chromium-browser
| Package | 26.04 LTS |
|---|---|
| chromium-browser | Not affected |
Insufficient policy enforcement in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass discretionary access control via a crafted HTML...
1 affected package
chromium-browser
| Package | 26.04 LTS |
|---|---|
| chromium-browser | Not affected |
Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML...
1 affected package
chromium-browser
| Package | 26.04 LTS |
|---|---|
| chromium-browser | Not affected |
Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page....
1 affected package
chromium-browser
| Package | 26.04 LTS |
|---|---|
| chromium-browser | Not affected |
Inappropriate implementation in Google Lens in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
1 affected package
chromium-browser
| Package | 26.04 LTS |
|---|---|
| chromium-browser | Not affected |
Insufficient policy enforcement in CustomTabs in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
1 affected package
chromium-browser
| Package | 26.04 LTS |
|---|---|
| chromium-browser | Not affected |
Insufficient validation of untrusted input in IndexedDB in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium...
1 affected package
chromium-browser
| Package | 26.04 LTS |
|---|---|
| chromium-browser | Not affected |