Incorrect implementation in permissions in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page. Date published : 2020-06-03 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html https://crbug.com/785159
Insufficient policy enforcement in CSP in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page. Date published : 2020-06-03 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html https://crbug.com/990581
Inappropriate implementation in interstitials in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Date published : 2020-06-03 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html https://crbug.com/843095
Inappropriate implementation in AppCache in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass AppCache security restrictions via a crafted HTML page. Date published : 2020-06-03 https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop.html https://crbug.com/999001
Incorrect implementation in user interface in Google Chrome on iOS prior to 83.0.4103.88 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Date published : 2020-06-03 https://www.debian.org/security/2020/dsa-4714 https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html
Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 83.0.4103.88 allowed a remote attacker to perform domain spoofing via a crafted URI. Date published : 2020-06-03 https://www.debian.org/security/2020/dsa-4714 https://chromereleases.googleblog.com/2020/06/stable-channel-update-for-desktop.html
Use after free in payments in Google Chrome on MacOS prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Date published : 2020-06-03 https://www.debian.org/security/2020/dsa-4714 https://security.gentoo.org/glsa/202006-02
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome...
Incorrect security UI in payments in Google Chrome on Android prior to 83.0.4103.97 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Date published :...
Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Date published...
Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Date published : 2020-06-03 https://chromereleases.googleblog.com/2020/03/stable-channel-update-for-desktop_31.html https://crbug.com/1065094
Out of bounds write in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Date published : 2020-06-03 https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_7.html https://crbug.com/1040325
In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, any users with the ability to modify any data that could eventually be exported as a CSV file from the `ImportExportController` could potentially...
In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, a user with the ability to use the import functionality of the `ImportExportController` behavior can be socially engineered by an attacker to upload...