CVE-2022-4922

Inappropriate implementation in Blink in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2022-4915

CVE-2022-4915 is a Chrome/Chromium URL formatting vulnerability: an improper URL handling in Chrome prior to 103.0.5060.134 allowed a remote attacker to spoof domains via a crafted HTML page. Documents consistently reference Google Chrome/Chromium and a domain-spoofing impact; desktop Chrome vers...

CVE-2022-4910

Inappropriate implementation in Autofill in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2022-4913

Inappropriate implementation in Extensions in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who had compromised the renderer process to spoof extension storage via a crafted HTML page. Chromium security severity: High...

CVE-2022-4906

CVE-2022-4906 concerns Blink/Chromium in Google Chrome prior to 108.0.5359.71. The vulnerability arises from an inappropriate implementation in Blink that permits a remote attacker to perform arbitrary read/write via a crafted HTML page, with high impact (C/H, I/H, A/H) and network attack vector....

CVE-2022-4906

Inappropriate implementation in Blink in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...

Chromium: CVE-2023-3738 Inappropriate implementation in Autofill

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2023-3734 Inappropriate implementation in Picture In Picture

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Microsoft Edge (Chromium) < 114.0.1901.183 / 115.0.1901.183 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 114.0.1901.183 / 115.0.1901.183. It is, therefore, affected by multiple vulnerabilities as referenced in the July 21, 2023 advisory. - Microsoft Edge Chromium-based Spoofing Vulnerability CVE-2023-35392 - Microsoft Edg...

Debian DSA-5456-1 : chromium - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5456 advisory. - Use after free in WebRTC. CVE-2023-3727, CVE-2023-3728 - Use after free in Tab Groups. CVE-2023-3730 - Out of bounds memory access in Mojo. CVE-2023-3732 -...

FreeBSD : chromium -- multiple vulnerabilities (2f22927f-26ea-11ee-8290-a8a1599412c6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 2f22927f-26ea-11ee-8290-a8a1599412c6 advisory. - Use after free in WebRTC. CVE-2023-3727, CVE-2023-3728 - Use after free in Tab Groups...

chromium -- multiple vulnerabilities

Chrome Releases reports: This update includes 20 security fixes: 1454086 High CVE-2023-3727: Use after free in WebRTC. Reported by Cassidy Kim@cassidy6564 on 2023-06-12 1457421 High CVE-2023-3728: Use after free in WebRTC. Reported by Zhenghang Xiao @Kipreyyy on 2023-06-23 1453465 High...

OPENSUSE-SU-2023:0117-1 Security update for chromium

This update for chromium fixes the following issues: - build with llvm15 on Leap - Chromium 113.0.5672.126 boo1211442: CVE-2023-2721: Use after free in Navigation CVE-2023-2722: Use after free in Autofill UI CVE-2023-2723: Use after free in DevTools CVE-2023-2724: Type Confusion in V8...

FreeBSD : chromium -- multiple vulnerabilities (fd87a250-ff78-11ed-8290-a8a1599412c6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the fd87a250-ff78-11ed-8290-a8a1599412c6 advisory. - Out of bounds write in Swiftshader in Google Chrome prior to 114.0.5735.90 allowed a remote...

CVE-2023-2941

Inappropriate implementation in Extensions API in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the UI via a crafted Chrome Extension. Chromium security severity: Low...

CVE-2023-2938

Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-2937

Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-2941

Inappropriate implementation in Extensions API in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the UI via a crafted Chrome Extension. Chromium security severity: Low...

Information disclosure

Inappropriate implementation in Extensions API in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the UI via a crafted Chrome Extension. Chromium security severity: Low...

Information disclosure

Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...