23 matches found
Astra Linux - уязвимость в chromium
The use of After Free in the Network component in Google Chrome before version 116.0.5845.96 allowed a remote attacker who had induced a browser shutdown to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Fedora 38 : chromium (2023-f8e94641dc)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-f8e94641dc advisory. update to 116.0.5845.96. Fixes following security issues: CVE-2023-2312 CVE-2023-4349 CVE-2023-4350 CVE-2023-4351 CVE-2023-4352 CVE-2023-4353...
Google Chrome Input Validation Error Vulnerability (CNVD-2023-65155)
Google Chrome is a web browser from Google, an American company. An input validation error vulnerability exists in Google Chrome prior to version 116.0.5845.96, which stems from insufficient input validation in XML, and can be exploited by remote attackers to bypass file access restrictions via a...
SUSE CVE-2023-4351
Use after free in Network in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has elicited a browser shutdown to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2023-4360
Inappropriate implementation in Color in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2023-4356
Use after free in Audio in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2023-4350
Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to potentially spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2023-4354
Heap buffer overflow in Skia in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2023-4349
Use after free in Device Trust Connectors in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser from Google, Inc. in the United States. A security vulnerability exists in Google Chrome on Android prior to version 116.0.5845.96, which stems from the presence of a post-release reuse vulnerability. An attacker can exploit the vulnerability to cause the program to...
PT-2023-4470 · Google +2 · Google Chrome +2
Name of the Vulnerable Software and Affected Versions: Google Chrome on Android versions prior to 116.0.5845.96 Description: The issue is related to an inappropriate implementation in the Autofill function of Google Chrome on Android, which can be exploited by a remote attacker to bypass existing...
Stable Channel Update for Desktop
The Stable and Extended stable channels has been updated to 116.0.5845.96 for Mac and Linux and 116.0.5845.96/.97 for Windows, which will roll out over the coming days/weeks. A full list of changes in this build is available in the log. Security Fixes and Rewards Note: Access to bug details and...
PT-2023-4466 · Google +3 · Skia +4
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 116.0.5845.96 Description: The issue is related to a heap buffer overflow in the Skia graphics library of Google Chrome, which can be exploited by a remote attacker using a specially crafted HTML page. This cou...
Google Chrome 安全漏洞
Google Chrome is a web browser from Google, Inc USA. A security vulnerability exists in versions prior to Google Chrome 116.0.5845.96, which stems from an improper implementation in Color that allows remote attackers to obfuscate the security UI via a crafted HTML page...
PT-2023-4476 · Google +3 · Google Chrome +4
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 116.0.5845.96 Description: The issue is related to an out of bounds memory access in V8, a component of Google Chrome, which could allow a remote attacker to potentially exploit heap corruption via a crafted HT...
PT-2023-4459 · Google +2 · Google Chrome +2
Name of the Vulnerable Software and Affected Versions: Google Chrome on iOS versions prior to 116.0.5845.96 Description: The issue is related to an inappropriate implementation in the App Launcher of Google Chrome, allowing a remote attacker to potentially spoof elements of the security UI via a...
PT-2023-4456 · Google +3 · Google Chrome +3
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 116.0.5845.96 Description: The issue is related to a use after free in the Network component, which could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This could lead ...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser from Google, Inc. in the United States. A security vulnerability exists in versions prior to Google Chrome 116.0.5845.96, which originates from the presence of post-release reuse on the network and allows remote attackers to cause the browser to shut down via a...
PT-2023-4463 · Google +3 · Google Chrome +3
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 116.0.5845.96 Description: The issue is related to insufficient policy enforcement in the Extensions API of Google Chrome, allowing a remote attacker to install arbitrary extensions using a specially crafted HT...
Google Chrome < 116.0.5845.96 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 116.0.5845.96. It is, therefore, affected by multiple vulnerabilities as referenced in the 202308stable-channel-update-for-desktop15 advisory. - Insufficient policy enforcement in Extensions API in Google Chrome prior t...