CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2023-5851
https://notcve.org/view.php?id=CVE-2023-5851
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) La implementación inadecuada en Descargas en Google Chrome anterior a 119.0.6045.105 permitió a un atacante remoto ofuscar la interfaz de usuario de seguridad a través de una página HTML manipulada. (Severidad de seguridad de Chromium: media) • https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html https://crbug.com/1473957 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MHLJRFWZNY6BFOW25Q4FEESVWZKS4C2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBA4KD5ZSV6XWWFLVR5UBYKKNOYMH33H https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PHWLT3M2AQDFD7RNAM3NJMYUC5KHMO5V https://security.gentoo.org/glsa/202311-11 https://secu • CWE-346: Origin Validation Error •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2023-5850
https://notcve.org/view.php?id=CVE-2023-5850
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium) La interfaz de usuario de seguridad incorrecta en Descargas en Google Chrome anterior a 119.0.6045.105 permitió a un atacante remoto realizar una suplantación de dominio a través de un nombre de dominio manipulado. (Severidad de seguridad de Chromium: media) • https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html https://crbug.com/1281972 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MHLJRFWZNY6BFOW25Q4FEESVWZKS4C2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBA4KD5ZSV6XWWFLVR5UBYKKNOYMH33H https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PHWLT3M2AQDFD7RNAM3NJMYUC5KHMO5V https://security.gentoo.org/glsa/202311-11 https://secu •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-5849
https://notcve.org/view.php?id=CVE-2023-5849
Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El desbordamiento de enteros en USB en Google Chrome anterior a 119.0.6045.105 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html https://crbug.com/1492384 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MHLJRFWZNY6BFOW25Q4FEESVWZKS4C2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBA4KD5ZSV6XWWFLVR5UBYKKNOYMH33H https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PHWLT3M2AQDFD7RNAM3NJMYUC5KHMO5V https://security.gentoo.org/glsa/202311-11 https://secu • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-5482
https://notcve.org/view.php?id=CVE-2023-5482
Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) La validación de datos insuficiente en USB en Google Chrome anterior a 119.0.6045.105 permitió a un atacante remoto realizar acceso a la memoria fuera de los límites a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html https://crbug.com/1492381 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MHLJRFWZNY6BFOW25Q4FEESVWZKS4C2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBA4KD5ZSV6XWWFLVR5UBYKKNOYMH33H https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PHWLT3M2AQDFD7RNAM3NJMYUC5KHMO5V https://security.gentoo.org/glsa/202311-11 https://secu • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 6.1EPSS: 0%CPEs: 6EXPL: 0CVE-2023-5480
https://notcve.org/view.php?id=CVE-2023-5480
Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS preventions via a malicious file. (Chromium security severity: High) La implementación inadecuada en Pagos en Google Chrome anterior a 119.0.6045.105 permitió a un atacante remoto evitar las prevenciones XSS a través de un archivo malicioso. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html https://crbug.com/1492698 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2MHLJRFWZNY6BFOW25Q4FEESVWZKS4C2 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBA4KD5ZSV6XWWFLVR5UBYKKNOYMH33H https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PHWLT3M2AQDFD7RNAM3NJMYUC5KHMO5V https://security.gentoo.org/glsa/202311-11 https://secu • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •