Log

CVE-2019-13746 edited at 13 Jan 2020 16:37:13
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Content spoofing
Description
+ Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
References
+ https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Notes
CVE-2019-13745 edited at 13 Jan 2020 16:36:42
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Information disclosure
Description
+ Insufficient policy enforcement in audio in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
References
+ https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Notes
CVE-2019-13744 edited at 13 Jan 2020 16:36:20
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Information disclosure
Description
+ Insufficient policy enforcement in cookies in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
References
+ https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Notes
CVE-2019-13743 edited at 13 Jan 2020 16:32:56
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Content spoofing
Description
+ Incorrect security UI in external protocol handling in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to spoof security UI via a crafted HTML page.
References
+ https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Notes
CVE-2019-13742 edited at 13 Jan 2020 16:32:30
Severity
- High
+ Medium
CVE-2019-13742 edited at 13 Jan 2020 16:32:19
Severity
- Unknown
+ High
Remote
- Unknown
+ Remote
Type
- Unknown
+ Content spoofing
Description
+ Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
References
+ https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Notes
CVE-2019-13741 edited at 13 Jan 2020 16:31:48
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Same-origin policy bypass
Description
+ Insufficient validation of untrusted input in Blink in Google Chrome prior to 79.0.3945.79 allowed a local attacker to bypass same origin policy via crafted clipboard content.
References
+ https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Notes
CVE-2019-13740 edited at 13 Jan 2020 16:31:25
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Content spoofing
Description
+ Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
References
+ https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Notes
CVE-2019-13739 edited at 13 Jan 2020 16:30:28
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Content spoofing
Description
+ Insufficient policy enforcement in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
References
+ https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Notes
CVE-2019-13738 edited at 13 Jan 2020 16:29:42
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Access restriction bypass
Description
+ Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page.
References
+ https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Notes