Kaspersky Protection extension for web browser Google Chrome prior to 30.112.62.0 was vulnerable to unauthorized access to its features remotely that could lead to removing other installed extensions.
Max CVSS
4.3
EPSS Score
0.07%
Published
2019-11-25
Updated
2020-08-24
Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.93%
Published
2019-12-10
Updated
2022-03-31
Insufficient policy enforcement in payments in Google Chrome prior to 79.0.3945.79 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.
Max CVSS
4.3
EPSS Score
0.53%
Published
2019-12-10
Updated
2023-02-15
Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code.
Max CVSS
3.3
EPSS Score
0.04%
Published
2019-12-10
Updated
2023-02-15
Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
Max CVSS
4.3
EPSS Score
0.31%
Published
2019-12-10
Updated
2023-02-15
Incorrect security UI in interstitials in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
Max CVSS
4.3
EPSS Score
0.21%
Published
2019-12-10
Updated
2023-02-10
Insufficient policy enforcement in navigation in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Max CVSS
4.3
EPSS Score
0.26%
Published
2019-12-10
Updated
2023-02-15
Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
Max CVSS
4.3
EPSS Score
0.28%
Published
2019-12-10
Updated
2023-02-10
Incorrect security UI in printing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
Max CVSS
4.3
EPSS Score
0.30%
Published
2019-12-10
Updated
2023-02-10
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to disable extensions via a crafted HTML page.
Max CVSS
4.3
EPSS Score
0.30%
Published
2019-12-10
Updated
2023-02-10
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Max CVSS
4.3
EPSS Score
0.26%
Published
2019-12-10
Updated
2023-02-04
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.74%
Published
2019-12-10
Updated
2023-02-10
Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.74%
Published
2019-12-10
Updated
2023-02-10
Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Max CVSS
6.5
EPSS Score
1.02%
Published
2019-12-10
Updated
2023-02-10
Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.77%
Published
2019-12-10
Updated
2023-02-04
Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.30%
Published
2019-12-10
Updated
2023-02-04
Insufficient policy enforcement in developer tools in Google Chrome prior to 79.0.3945.79 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.17%
Published
2019-12-10
Updated
2023-02-03
Uninitialized data in rendering in Google Chrome on Android prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.58%
Published
2019-12-10
Updated
2023-02-15
Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.30%
Published
2019-12-10
Updated
2023-02-03
Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.46%
Published
2019-12-10
Updated
2022-03-31
Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.56%
Published
2019-12-10
Updated
2023-02-03
Incorrect security UI in external protocol handling in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof security UI via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.30%
Published
2019-12-10
Updated
2023-01-30
Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
Max CVSS
6.5
EPSS Score
0.36%
Published
2019-12-10
Updated
2023-02-15
Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content.
Max CVSS
8.8
EPSS Score
0.21%
Published
2019-12-10
Updated
2023-01-30
Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.33%
Published
2019-12-10
Updated
2023-01-30