Inappropriate implementation in Extensions API in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Low)
Max CVSS
4.3
EPSS Score
0.05%
Published
2024-01-24
Updated
2024-02-19
Insufficient policy enforcement in DevTools in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Medium)
Max CVSS
4.3
EPSS Score
0.05%
Published
2024-01-24
Updated
2024-01-29
Inappropriate implementation in Autofill in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)
Max CVSS
4.3
EPSS Score
0.08%
Published
2024-01-24
Updated
2024-01-29
Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)
Max CVSS
4.3
EPSS Score
0.08%
Published
2024-01-24
Updated
2024-01-29
Inappropriate implementation in Autofill in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)
Max CVSS
4.3
EPSS Score
0.13%
Published
2023-12-06
Updated
2024-02-15
Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. (Chromium security severity: Low)
Max CVSS
4.3
EPSS Score
0.20%
Published
2023-11-01
Updated
2024-01-31
Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)
Max CVSS
4.3
EPSS Score
0.16%
Published
2023-11-01
Updated
2024-01-31
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
4.3
EPSS Score
0.20%
Published
2023-11-01
Updated
2024-01-31
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
4.3
EPSS Score
0.14%
Published
2023-11-01
Updated
2024-01-31
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)
Max CVSS
4.3
EPSS Score
0.14%
Published
2023-11-01
Updated
2024-01-31
Inappropriate implementation in Input in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)
Max CVSS
4.3
EPSS Score
0.13%
Published
2023-10-11
Updated
2024-01-31
Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. (Chromium security severity: Low)
Max CVSS
4.3
EPSS Score
0.13%
Published
2023-10-11
Updated
2024-01-31
Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
Max CVSS
4.3
EPSS Score
0.13%
Published
2023-10-11
Updated
2024-01-31
Inappropriate implementation in Installer in Google Chrome prior to 118.0.5993.70 allowed a local attacker to bypass discretionary access control via a crafted command. (Chromium security severity: Low)
Max CVSS
4.3
EPSS Score
0.05%
Published
2023-10-11
Updated
2024-01-31
Inappropriate implementation in Interstitials in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)
Max CVSS
4.3
EPSS Score
0.13%
Published
2023-09-12
Updated
2024-01-31
Inappropriate implementation in Picture in Picture in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)
Max CVSS
4.3
EPSS Score
0.13%
Published
2023-09-12
Updated
2024-01-31
Inappropriate implementation in Intents in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)
Max CVSS
4.3
EPSS Score
0.13%
Published
2023-09-12
Updated
2024-01-31
Insufficient policy enforcement in Autofill in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)
Max CVSS
4.3
EPSS Score
0.13%
Published
2023-09-12
Updated
2024-01-31
Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
4.3
EPSS Score
0.13%
Published
2023-09-12
Updated
2024-01-31
Insufficient policy enforcement in Downloads in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Enterprise policy restrictions via a crafted download. (Chromium security severity: Medium)
Max CVSS
4.3
EPSS Score
0.13%
Published
2023-09-12
Updated
2024-01-31
Inappropriate implementation in Custom Mobile Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
4.3
EPSS Score
0.13%
Published
2023-09-12
Updated
2024-01-31
Inappropriate implementation in Input in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
4.3
EPSS Score
0.13%
Published
2023-09-12
Updated
2024-01-31
Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
4.3
EPSS Score
0.13%
Published
2023-09-12
Updated
2024-01-31
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate a permission prompt via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
4.3
EPSS Score
0.13%
Published
2023-09-12
Updated
2024-01-31
Inappropriate implementation in Fullscreen in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
4.3
EPSS Score
0.13%
Published
2023-08-15
Updated
2024-01-31
410 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!