CVE-2023-4902

Inappropriate implementation in Input in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-4901

Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. Chromium security severity: Medium...

Information disclosure

Inappropriate implementation in Picture in Picture in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. Chromium security severity: Low...

Information disclosure

Inappropriate implementation in Interstitials in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Low...

CVE-2023-4902

Inappropriate implementation in Input in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-4909

CVE-2023-4909 describes an Inappropriate implementation in Interstitials in Google Chrome/Chromium prior to 117.0.5938.62 that allows a remote attacker to obfuscate the security UI via a crafted HTML page. The issue is documented across multiple sources (Chromium/Chrome advisories, Debian securit...

CVE-2023-4908

CVE-2023-4908: In Google Chrome/Chromium, an inappropriate implementation in Picture-in-Picture allowed a remote attacker to spoof the security UI via a crafted HTML page. Affected versions are prior to 117.0.5938.62 (Chrome/Chromium). The issue is rated Low severity by the Chromium/Chrome ecosys...

CVE-2023-4907

Inappropriate implementation in Intents in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Low...

CVE-2023-4901

Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-4902

CVE-2023-4902 affects Google Chrome and Chromium. The issue is an inappropriate implementation in Input that lets a remote attacker spoof security UI via a crafted HTML page. Root cause: flawed handling in the Input module prior to version 117.0.5938.62. Impact: spoofed UI could mislead users; ex...

CVE-2023-4903

CVE-2023-4903 concerns Google Chrome on Android before 117.0.5938.62, where Inappropriate implementation in Custom Mobile Tabs allowed a remote attacker to spoof security UI via a crafted HTML page. The linked sources confirm this is a Chromium-derived issue affecting Chrome/Chromium and related ...

CVE-2023-4900

CVE-2023-4900 affects Google Chrome/Chromium family (Android Chrome prior to 117.0.5938.62) where an inappropriate implementation in Custom Tabs allows a remote attacker to obfuscate a permission prompt via a crafted HTML page. Connected advisories indicate this is one of multiple Chromium issues...

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 16 security fixes: 1479274 Critical CVE-2023-4863: Heap buffer overflow in WebP. Reported by Apple Security Engineering and Architecture SEAR and The Citizen Lab at The University of Torontoʼs Munk School on 2023-09-06 1430867 Medium CVE-2023-4900:...

CVE-2019-13689

Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform arbitrary read/write via a malicious file. Chromium security severity: Critical...

CVE-2019-13689

Affected software: Google Chrome on ChromeOS. The CVE-2019-13689 issue stems from an inappropriate OS implementation that allows a remote attacker with local access and user interaction to perform arbitrary read/write via a malicious file. Impact is high (confidentiality, integrity, availability)...

CVE-2019-13690

Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...

Chromium: CVE-2023-4359 Inappropriate implementation in App Launcher

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2023-4365

Inappropriate implementation in Fullscreen in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-4363

Inappropriate implementation in WebShare in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to spoof the contents of a dialog URL via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-4350

Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to potentially spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...