Astra Linux - уязвимость в chromium

Insufficient policy enforcement in the Extensions API in Google Chrome prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions through a crafted Chrome Extension. Chromium security severity: Medium...

Astra Linux - уязвимость в chromium

Insufficient policy enforcement in Resource Timing in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to obtain potentially sensitive information from APIs through a crafted HTML page. Chromium security severity: Low...

Astra Linux - уязвимость в chromium

A heap buffer overflow in the Metrics component of Google Chrome prior to version 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в chromium

Insufficient data validation in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

Astra Linux - уязвимость в chromium

Insufficient policy enforcement in Resource Timing in Google Chrome prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from APIs through a crafted Chrome Extension. Chromium security severity: Low...

EUVD-2023-23496

Malicious code in bioql PyPI...

DEBIAN-CVE-2023-2314

Insufficient data validation in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

Google Chrome 数据伪造问题漏洞

Google Chrome is a web browser from Google, Inc. A security vulnerability previously existed in Google Chrome version 111.0.5563.64, which stemmed from an insufficient data validation in DevTools...

Google Chrome Core resource management error vulnerability

Google Chrome is a web browser from Google, Inc. A security vulnerability exists in versions prior to Google Chrome 111.0.5563.64, which stems from a confusion in the Core component's instructions for freeing memory. A remote attacker could exploit the vulnerability to cause heap corruption via a...

SUSE CVE-2023-1224

Insufficient policy enforcement in Web Payments API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2023-1226

Insufficient policy enforcement in Web Payments API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2023-1228

Insufficient policy enforcement in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2023-1231

Inappropriate implementation in Autofill in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to potentially spoof the contents of the omnibox via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2023-1235

Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted UI interaction. Chromium security severity: Low...

Google Chrome Security Updates (stable-channel-update-for-desktop-2023-03) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Vulnerabilities fixed in Google Chrome

Google has fixed several vulnerabilities in Chrome. A remote malicious person could exploit the vulnerabilities to perform execute attacks that could result in the following categories of damage: Denial-of-Service DoS Circumvention of security measure Remote code execution User rights Access to...

DEBIAN-CVE-2023-1232

Insufficient policy enforcement in Resource Timing in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to obtain potentially sensitive information from API via a crafted HTML page. Chromium security severity: Low...

DEBIAN-CVE-2023-1235

Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted UI interaction. Chromium security severity: Low...

DEBIAN-CVE-2023-1226

Insufficient policy enforcement in Web Payments API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Medium...

DEBIAN-CVE-2023-1231

Inappropriate implementation in Autofill in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to potentially spoof the contents of the omnibox via a crafted HTML page. Chromium security severity: Medium...