VYPR

Chrome

by Google

Source repositories

CVEs (5,374)

  • CVE-2019-13675MedNov 25, 2019
    risk 0.28cvss 4.3epss 0.01

    Insufficient data validation in extensions in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to disable extensions via a crafted HTML page.

  • CVE-2019-13674MedNov 25, 2019
    risk 0.28cvss 4.3epss 0.01

    IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

  • CVE-2019-13671MedNov 25, 2019
    risk 0.28cvss 4.3epss 0.01

    UI spoofing in Blink in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof security UI via a crafted HTML page.

  • CVE-2019-13669MedNov 25, 2019
    risk 0.28cvss 4.3epss 0.01

    Incorrect data validation in navigation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2019-13667MedNov 25, 2019
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 77.0.3865.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2019-13663MedNov 25, 2019
    risk 0.28cvss 4.3epss 0.01

    IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

  • CVE-2019-13661MedNov 25, 2019
    risk 0.28cvss 4.3epss 0.01

    UI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to spoof notifications via a crafted HTML page.

  • CVE-2019-13659MedNov 25, 2019
    risk 0.28cvss 4.3epss 0.01

    IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

  • CVE-2019-5840MedJun 27, 2019
    risk 0.28cvss 4.3epss 0.01

    Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

  • CVE-2019-5839MedJun 27, 2019
    risk 0.28cvss 4.3epss 0.01

    Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL.

  • CVE-2019-5838MedJun 27, 2019
    risk 0.28cvss 4.3epss 0.01

    Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed an attacker who convinced a user to install a malicious extension to bypass restrictions on file URIs via a crafted Chrome Extension.

  • CVE-2019-5833MedJun 27, 2019
    risk 0.28cvss 4.3epss 0.01

    Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page.

  • CVE-2018-6177MedJun 27, 2019
    risk 0.28cvss 4.3epss 0.01

    Information leak in media engine in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2018-6132MedJun 27, 2019
    risk 0.28cvss 4.3epss 0.01

    Uninitialized data in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted video file.

  • CVE-2019-5779MedFeb 19, 2019
    risk 0.28cvss 4.3epss 0.03

    Insufficient policy validation in ServiceWorker in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

  • CVE-2018-6178MedJan 9, 2019
    risk 0.28cvss 4.3epss 0.01

    Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to Hide Chrome Security UI via a crafted Chrome Extension.

  • CVE-2018-6112MedJan 9, 2019
    risk 0.28cvss 4.3epss 0.02

    Making URLs clickable and allowing them to be styled in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

  • CVE-2018-20069MedJan 9, 2019
    risk 0.28cvss 4.3epss 0.00

    Failure to prevent navigation to top frame to data URLs in Navigation in Google Chrome on iOS prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of the current page via a crafted HTML page.

  • CVE-2018-20068MedJan 9, 2019
    risk 0.28cvss 4.3epss 0.00

    Incorrect handling of 304 status codes in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of the current page via a crafted HTML page.

  • CVE-2018-20067MedJan 9, 2019
    risk 0.28cvss 4.3epss 0.00

    A renderer initiated back navigation was incorrectly allowed to cancel a browser initiated one in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of the current page via a crafted HTML page.

Page 171 of 269