116 matches found
Google Chrome < 120.0.6099.109 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 120.0.6099.109. It is, therefore, affected by multiple vulnerabilities as referenced in the 202312stable-channel-update-for-desktop12 advisory. - Use after free in CSS in Google Chrome prior to 120.0.6099.109 allowed a...
Fedora 39 : chromium (2023-1fe02ca797)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-1fe02ca797 advisory. update to 120.0.6099.109 - High CVE-2023-6702: Type Confusion in V8 - High CVE-2023-6703: Use after free in Blink - High CVE-2023-6704: Use after fr...
FreeBSD : chromium -- multiple security fixes (502c9f72-99b3-11ee-86bb-a8a1599412c6)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 502c9f72-99b3-11ee-86bb-a8a1599412c6 advisory. - Type Confusion in V8. CVE-2023-6702 - Use after free in Blink. CVE-2023-6703 - Use after fre...
Google Chrome < 120.0.6099.109 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 120.0.6099.109. It is, therefore, affected by multiple vulnerabilities as referenced in the 202312stable-channel-update-for-desktop12 advisory. - Use after free in CSS in Google Chrome prior to 120.0.6099.109 allowed a...
chromium -- multiple security fixes
Chrome Releases reports: This update includes 9 security fixes: 1501326 High CVE-2023-6702: Type Confusion in V8. Reported by Zhiyi Zhang and Zhunki from Codesafe Team of Legendsec at Qi'anxin Group on 2023-11-10 1502102 High CVE-2023-6703: Use after free in Blink. Reported by Cassidy...
PT-2023-7684 · Google +4 · Google Chrome +4
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 120.0.6099.109 Description: The issue is related to a use after free in the FedCM component of Google Chrome, which could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Updated chromium-browser-stable package fixes bugs and vulnerabilities
The chromium-browser-stable package has been updated to the 117.0.5938.92 release, fixing bugs and 31 vulnerabilities, together with 117.0.5938.92, 117.0.5938.88, 117.0.5938.62, 116.0.5845.187 and 116.0.5845.179. Google is aware that an exploit for CVE-2023-5217 exists in the wild. High...
Denial Of Service (DoS)
Google Chrome is vulnerable to Denial Of Service DoS. The vulnerability exists due to the out of bounds memory access in FedCM, which allows an attacker to perform out of bounds memory read via a maliciously crafted HTML page through the renderer process...
CVE-2023-4761
Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...
CVE-2023-4761
CVE-2023-4761 is a memory‑safety issue in FedCM within Google Chrome/Chromium prior to 116.0.5845.179, allowing a renderer‑compromised attacker to perform an out‑of‑bounds memory read via a crafted page (severity HIGH). Connected sources confirm affected products include Chromium/Chrome; Debian a...
CVE-2023-4761
Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...
Google Chrome < 116.0.5845.179 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 116.0.5845.179. It is, therefore, affected by multiple vulnerabilities as referenced in the 202309stable-channel-update-for-desktop advisory. - Use after free in Networks in Google Chrome prior to 116.0.5845.179 allowed...
Authentication Bypass
Google Chrome is vulnerable to Authentication Bypass. The vulnerability exists due to the inappropriate implementation in FedCM, which allows an attacker to bypass navigation restrictions via a crafted HTML page...
USN-6021-1: Chromium vulnerabilities
It was discovered that Chromium did not properly manage memory in several components. A remote attacker could possibly use this issue to corrupt memory via a crafted HTML page, resulting in a denial of service, or possibly execute arbitrary code. CVE-2023-1528, CVE-2023-1530, CVE-2023-1531,...
Google Chrome FedCM Security Bypass Vulnerability
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome FedCM, which stems from an improper implementation in FedCM. An attacker can exploit this vulnerability to bypass security restrictions...
Chromium: CVE-2023-1823 Inappropriate implementation in FedCM
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
SUSE CVE-2023-1823
Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
chromium -- multiple vulnerabilities
Chrome Releases reports: This update includes 16 security fixes: 1414018 High CVE-2023-1810: Heap buffer overflow in Visuals. Reported by Weipeng Jiang @Krace of VRI on 2023-02-08 1420510 High CVE-2023-1811: Use after free in Frames. Reported by Thomas Orlita on 2023-03-01 1418224 Medium...
CVE-2023-1823
Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2023-1823
Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...