CVE-2023-1230

Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious WebApp to spoof the contents of the PWA installer via a crafted HTML page. Chromium security severity: Medium...

Design/Logic Flaw

Inappropriate implementation in Permission prompts in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-1229

Inappropriate implementation in Permission prompts in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-1234

Inappropriate implementation in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2023-1236

CVE-2023-1236 affects Google Chrome (Chromium-based) prior to 111.0.5563.64 via an inappropriate implementation in Internals that allowed remote spoofing of an iframe origin through a crafted HTML page. The issue is logged as a Low severity in Chromium terms (CVSS 3.1 base 4.3, MEDIUM overall). R...

CVE-2023-1236

Inappropriate implementation in Internals in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to spoof the origin of an iframe via a crafted HTML page. Chromium security severity: Low...

CVE-2023-1230

Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious WebApp to spoof the contents of the PWA installer via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-1230

CVE-2023-1230 concerns an Inappropriate implementation in WebApp Installs in Google Chrome on Android before version 111.0.5563.64. The issue allows an attacker who persuades a user to install a malicious WebApp to spoof the contents of the PWA installer via a crafted HTML page. Affected product ...

CVE-2023-1229

The CVE-2023-1229 entry concerns Google Chrome (Chromium-based) prior to version 111.0.5563.64. Affected component: Permission prompts implementation. Root cause: Inappropriate implementation in Permission prompts allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...

Fedora 36 : chromium (2023-4e6353c6f7)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-4e6353c6f7 advisory. Update to 110.0.5481.77. Fixes the following security issues: CVE-2023-0696 CVE-2023-0697 CVE-2023-0698 CVE-2023-0699 CVE-2023-0700 CVE-2023-0701...

Google Chrome < 110.0.5481.77 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 110.0.5481.77. It is, therefore, affected by multiple vulnerabilities as referenced in the 202302stable-channel-update-for-desktop advisory. - Type confusion in DevTools in Google Chrome prior to 110.0.5481.77 allowed a...

Chromium: CVE-2023-0700 Inappropriate implementation in Download

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2023-0697

Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 110.0.5481.77 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. Chromium security severity: High...

CVE-2023-0700

Inappropriate implementation in Download in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

Information disclosure

Inappropriate implementation in Download in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

CVE-2023-0697

CVE-2023-0697: In Google Chrome for Android, prior to 110.0.5481.77, an inappropriate Fullscreen implementation allows a remote attacker to spoof the security UI via a crafted HTML page. The issue is fixed in Chrome 110.0.5481.77+. Affected product: Google Chrome on Android; root cause: Fullscree...

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 15 security fixes, including: 1402270 High CVE-2023-0696: Type Confusion in V8. Reported by Haein Lee at KAIST Hacking Lab on 2022-12-18 1341541 High CVE-2023-0697: Inappropriate implementation in Full screen mode. Reported by Ahmed ElMasry on...

Microsoft Edge (Chromium) < 109.0.1518.49 / 108.0.1462.83 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 109.0.1518.49 / 108.0.1462.83. It is, therefore, affected by multiple vulnerabilities as referenced in the January 12, 2023 advisory. - Heap buffer overflow in Network Service in Google Chrome prior to 109.0.5414.74...

Chromium:CVE-2023-0133: Inappropriate implementation in Permission prompts

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium:CVE-2023-0131: Inappropriate implementation in iframe Sandbox

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...