968 matches found
CVE-2023-2462
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to obfuscate main origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2023-2468
Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page. Chromium security severity: Low...
CVE-2023-2459
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to bypass permission restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2023-2459
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to bypass permission restrictions via a crafted HTML page. Chromium security severity: Medium...
Design/Logic Flaw
Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the security UI via a crafted HTML page. Chromium security severity: Medium...
Design/Logic Flaw
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. Chromium security severity: Low...
Design/Logic Flaw
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to obfuscate main origin data via a crafted HTML page. Chromium security severity: Medium...
Design/Logic Flaw
Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page. Chromium security severity: Low...
CVE-2023-2467
Inappropriate implementation in Prompts in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to bypass permissions restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2023-2462
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to obfuscate main origin data via a crafted HTML page. Chromium security severity: Medium...
Design/Logic Flaw
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to hide the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...
chromium -- multiple vulnerabilities
Chrome Releases reports: This update includes 15 security fixes: 1423304 Medium CVE-2023-2459: Inappropriate implementation in Prompts. Reported by Rong Jian of VRI on 2023-03-10 1419732 Medium CVE-2023-2460: Insufficient validation of untrusted input in Extensions. Reported by Martin Bajanik,...
FreeBSD : chromium -- multiple vulnerabilities (246174d3-e979-11ed-8290-a8a1599412c6)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 246174d3-e979-11ed-8290-a8a1599412c6 advisory. - Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a...
CVE-2023-2467
Google Chrome on Android prior to 113.0.5672.63 is affected by CVE-2023-2467 due to an inappropriate implementation in Prompts, which could allow a remote attacker to bypass permissions restrictions via a crafted HTML page. The impact is a permissions bypass without other code execution details p...
CVE-2023-2466
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. Chromium security severity: Low...
CVE-2023-2463
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to hide the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...
CVE-2023-2462
The connected documents confirm CVE-2023-2462 affects Google Chrome/Chromium, tied to an inappropriate implementation in Prompts that allowed a remote attacker to obfuscate main origin data via a crafted HTML page. Impact is described as Medium; affected components relate to Chrome/Chromium promp...
CVE-2023-2464
Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the security UI via a crafted HTML page. Chromium security severity: Medium...
CVE-2023-2462
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to obfuscate main origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2023-2463
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to hide the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...