Design/Logic Flaw
Inappropriate implementation in File System API in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2023-0131
Inappropriate implementation in iframe Sandbox in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to bypass file download restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2023-0136
CVE-2023-0136 affects Google Chrome/Chromium’s Fullscreen API implementation. The issue is an inappropriate implementation in Fullscreen API that can allow a remote attacker to trigger an incorrect security UI via a crafted HTML page. Public source records consistently tie this CVE to Chrome/Chro...
CVE-2023-0132
Inappropriate implementation in Permission prompts in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to force acceptance of a permission prompt via a crafted HTML page. Chromium security severity: Medium...
CVE-2023-0130
Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...
CVE-2023-0133
Inappropriate implementation in Permission prompts in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to bypass main origin permission delegation via a crafted HTML page. Chromium security severity: Medium...
chromium -- multiple vulnerabilities
Chrome Releases reports: This release contains 17 security fixes, including: 1353208 High CVE-2023-0128: Use after free in Overview Mode. Reported by Khalil Zhani on 2022-08-16 1382033 High CVE-2023-0129: Heap buffer overflow in Network Service. Reported by asnine on 2022-11-07 1370028 Medium...
Google Chrome < 109.0.5414.87 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 109.0.5414.87. It is, therefore, affected by multiple vulnerabilities as referenced in the 202301stable-channel-update-for-desktop advisory. - Heap buffer overflow in libphonenumber in Google Chrome prior to 109.0.5414.74...
Google Chrome < 109.0.5414.74 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 109.0.5414.74. It is, therefore, affected by multiple vulnerabilities as referenced in the 202301stable-channel-update-for-desktop advisory. - Heap buffer overflow in libphonenumber in Google Chrome prior to 109.0.5414....
FreeBSD : chromium -- multiple vulnerabilities (7b929503-911d-11ed-a925-3065ec8fd3ec)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 7b929503-911d-11ed-a925-3065ec8fd3ec advisory. - Use after free in Overview Mode in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed...
CVE-2022-4025
Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data outside an iframe via a crafted HTML page. Chrome security severity: Low...
Design/Logic Flaw
Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data outside an iframe via a crafted HTML page. Chrome security severity: Low...
CVE-2022-0801
Inappropriate implementation in HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass XSS preventions via a crafted HTML page. Chrome security severity: Medium...
Chromium: CVE-2022-4182 Inappropriate implementation in Fenced Frames
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2022-4185
CVE-2022-4185 affects Google Chrome on iOS prior to 108.0.5359.71. The issue is an Inappropriate implementation in Navigation that allows a remote attacker to spoof the contents of a modal dialogue via a crafted HTML page. Impact is spoofing of modal content; no exploitation details are provided ...
CVE-2022-4185
Inappropriate implementation in Navigation in Google Chrome on iOS prior to 108.0.5359.71 allowed a remote attacker to spoof the contents of the modal dialogue via a crafted HTML page. Chromium security severity: Medium...
CVE-2022-4182
CVE-2022-4182 concerns Google Chrome’s Fenced Frames implementation. Affected software: Google Chrome (Chromium-based) prior to version 108.0.5359.71. Root cause: Inappropriate implementation of Fenced Frames allowed a remote attacker to bypass fenced frame restrictions via a crafted HTML page. I...
chromium -- multiple vulnerabilities
Chrome Releases reports: This release contains 28 security fixes, including: 1379054 High CVE-2022-4174: Type Confusion in V8. Reported by Zhenghang Xiao @Kipreyyy on 2022-10-27 1381401 High CVE-2022-4175: Use after free in Camera Capture. Reported by Leecraso and Guang Gong of 360 Alpha Lab on...
CVE-2022-3447
CVE-2022-3447 refers to an issue in Google Chrome on Android prior to 106.0.5249.119 where an inappropriate implementation in Custom Tabs allowed a remote attacker to spoof the Omnibox (URL bar) contents via a crafted HTML page. The vulnerability is associated with Chromium’s High severity and is...