CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-4360 – Debian Security Advisory 5479-1
https://notcve.org/view.php?id=CVE-2023-4360
15 Aug 2023 — Inappropriate implementation in Color in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) La implementación inadecuada de Color en Google Chrome anterior a 116.0.5845.96 permitía a un atacante remoto ofuscar la seguridad de la interfaz de usuario a través de una página HTML manipulada. (Gravedad de seguridad de Chromium: Media) Multiple vulnerabilities have been discovered in Chromium and its derivatives, th... • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-4359 – Debian Security Advisory 5479-1
https://notcve.org/view.php?id=CVE-2023-4359
15 Aug 2023 — Inappropriate implementation in App Launcher in Google Chrome on iOS prior to 116.0.5845.96 allowed a remote attacker to potentially spoof elements of the security UI via a crafted HTML page. (Chromium security severity: Medium) Una implementación inadecuada en App Launcher en Google Chrome en iOS anterior a 116.0.5845.96 permitía a un atacante remoto falsificar potencialmente elementos de la interfaz de usuario de seguridad a través de una página HTML manipulada. (Gravedad de seguridad de Chromium: Media) ... • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-4358 – Debian Security Advisory 5479-1
https://notcve.org/view.php?id=CVE-2023-4358
15 Aug 2023 — Use after free in DNS in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected. • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 7CVE-2023-4357 – Debian Security Advisory 5479-1
https://notcve.org/view.php?id=CVE-2023-4357
15 Aug 2023 — Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium) Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected. • https://github.com/OgulcanUnveren/CVE-2023-4357-APT-Style-exploitation • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-4356 – Debian Security Advisory 5479-1
https://notcve.org/view.php?id=CVE-2023-4356
15 Aug 2023 — Use after free in Audio in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected. • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2023-4355 – Debian Security Advisory 5479-1
https://notcve.org/view.php?id=CVE-2023-4355
15 Aug 2023 — Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected. • https://packetstorm.news/files/id/174950 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2023-4354 – Debian Security Advisory 5479-1
https://notcve.org/view.php?id=CVE-2023-4354
15 Aug 2023 — Heap buffer overflow in Skia in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) When deserializing an SkPath, there is some basic validation performed to ensure that the contents are consistent. This validation does not use safe integer types, or perform additional validation, so it's possible for a large path to overflow the point count, resulting in an ... • https://packetstorm.news/files/id/174949 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-4353 – Debian Security Advisory 5479-1
https://notcve.org/view.php?id=CVE-2023-4353
15 Aug 2023 — Heap buffer overflow in ANGLE in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected. • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2023-4352 – Chrome Read-Only Property Overwrite
https://notcve.org/view.php?id=CVE-2023-4352
15 Aug 2023 — Type confusion in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) La Confusión de Tipos en V8 en Google Chrome anterior a 116.0.5845.96 permitía a un atacante remoto explotar potencialmente la corrupción de la memoria a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of w... • https://packetstorm.news/files/id/174669 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-4351 – Debian Security Advisory 5479-1
https://notcve.org/view.php?id=CVE-2023-4351
15 Aug 2023 — Use after free in Network in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has elicited a browser shutdown to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected. • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html • CWE-416: Use After Free •