Inappropriate implementation in Autofill in Google Chrome prior to 1.85 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. Insufficient policy enforcement in DevTools in Google Chrome prior to 1.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Inappropriate implementation in Extensions API in Google Chrome prior to 1.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Inappropriate implementation in Accessibility in Google Chrome prior to 1.85 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Use after free in Reading Mode in Google Chrome prior to 1.85 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. Incorrect security UI in Payments in Google Chrome prior to 1.85 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. Use after free in Peer Connection in Google Chrome prior to 1.139 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. Use after free in Canvas in Google Chrome prior to 1.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Use after free in Network in Google Chrome prior to 1.139 allowed a remote attacker to potentially exploit heap corruption via a malicious file. Heap buffer overflow in Skia in Google Chrome prior to 1.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Use after free in Mojo in Google Chrome prior to 1.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |