CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2023-3497
https://notcve.org/view.php?id=CVE-2023-3497
03 Jul 2023 — Out of bounds read in Google Security Processor firmware in Google Chrome on Chrome OS prior to 114.0.5735.90 allowed a local attacker to perform denial of service via physical access to the device. (Chromium security severity: Medium) • https://chromereleases.googleblog.com/2023/07/stable-channel-update-for-chromeos.html • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-3422 – Debian Security Advisory 5440-1
https://notcve.org/view.php?id=CVE-2023-3422
26 Jun 2023 — Use after free in Guest View in Google Chrome prior to 114.0.5735.198 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected. • https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop_26.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-3421 – Debian Security Advisory 5440-1
https://notcve.org/view.php?id=CVE-2023-3421
26 Jun 2023 — Use after free in Media in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected. • https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop_26.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-3420 – Debian Security Advisory 5440-1
https://notcve.org/view.php?id=CVE-2023-3420
26 Jun 2023 — Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected. • https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop_26.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 1CVE-2023-3217 – Gentoo Linux Security Advisory 202311-11
https://notcve.org/view.php?id=CVE-2023-3217
13 Jun 2023 — Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Chrome suffers from a heap use-after-free vulnerability in device::OpenXrApiWrapper::InitSession. Versions affected include Google Chrome 114.0.5735.45 (Official Build) and Chromium 116.0.5806.0 (Developer Build). • https://packetstorm.news/files/id/173495 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-3216 – Gentoo Linux Security Advisory 202311-11
https://notcve.org/view.php?id=CVE-2023-3216
13 Jun 2023 — Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected. • https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop_13.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-3215 – Gentoo Linux Security Advisory 202311-11
https://notcve.org/view.php?id=CVE-2023-3215
13 Jun 2023 — Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected. • https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop_13.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-3214 – Gentoo Linux Security Advisory 202311-11
https://notcve.org/view.php?id=CVE-2023-3214
13 Jun 2023 — Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected. • https://chromereleases.googleblog.com/2023/06/stable-channel-update-for-desktop_13.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 34%CPEs: 11EXPL: 4CVE-2023-3079 – Google Chromium V8 Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2023-3079
05 Jun 2023 — Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected. Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corru... • https://packetstorm.news/files/id/176211 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-2941 – Gentoo Linux Security Advisory 202311-11
https://notcve.org/view.php?id=CVE-2023-2941
30 May 2023 — Inappropriate implementation in Extensions API in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the UI via a crafted Chrome Extension. (Chromium security severity: Low) Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 120.0.6099.109 are affected. • https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_30.html •