CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-2137 – Debian Security Advisory 5393-1
https://notcve.org/view.php?id=CVE-2023-2137
19 Apr 2023 — Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions greater than or equal to 113.0.5672.126 are affected. • https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html • CWE-787: Out-of-bounds Write •
CVSS: 9.6EPSS: 0%CPEs: 5EXPL: 0CVE-2023-2136 – Google Chrome Skia Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-2136
19 Apr 2023 — Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions greater than or equal to 113.0.5672.126 are affected. Google Chromium Skia contains an integer overflow vulnerability that allows a remote... • https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-2135 – Debian Security Advisory 5393-1
https://notcve.org/view.php?id=CVE-2023-2135
19 Apr 2023 — Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions greater than or equal to 113.0.5672.126 are affected. • https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-2134 – Debian Security Advisory 5393-1
https://notcve.org/view.php?id=CVE-2023-2134
19 Apr 2023 — Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions greater than or equal to 113.0.5672.126 are affected. • https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-2133 – Debian Security Advisory 5393-1
https://notcve.org/view.php?id=CVE-2023-2133
19 Apr 2023 — Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions greater than or equal to 113.0.5672.126 are affected. • https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 2%CPEs: 7EXPL: 5CVE-2023-2033 – Google Chromium V8 Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2023-2033
14 Apr 2023 — Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions greater than or equal to 113.0.5672.126 are affected. Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corrup... • https://github.com/mistymntncop/CVE-2023-2033 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-1823 – Debian Security Advisory 5386-1
https://notcve.org/view.php?id=CVE-2023-1823
04 Apr 2023 — Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low) It was discovered that Chromium did not properly manage memory in several components. A remote attacker could possibly use this issue to corrupt memory via a crafted HTML page, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that Chromium could be made to access memory out o... • https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop.html •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-1822 – Debian Security Advisory 5386-1
https://notcve.org/view.php?id=CVE-2023-1822
04 Apr 2023 — Incorrect security UI in Navigation in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) It was discovered that Chromium did not properly manage memory in several components. A remote attacker could possibly use this issue to corrupt memory via a crafted HTML page, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that Chromium could be made to access memory out of bounds ... • https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop.html •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-1821 – Debian Security Advisory 5386-1
https://notcve.org/view.php?id=CVE-2023-1821
04 Apr 2023 — Inappropriate implementation in WebShare in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low) It was discovered that Chromium did not properly manage memory in several components. A remote attacker could possibly use this issue to corrupt memory via a crafted HTML page, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that Chromium could be ... • https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop.html •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-1820 – Debian Security Advisory 5386-1
https://notcve.org/view.php?id=CVE-2023-1820
04 Apr 2023 — Heap buffer overflow in Browser History in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) It was discovered that Chromium did not properly manage memory in several components. A remote attacker could possibly use this issue to corrupt memory via a crafted HTML page, resulting in a denial of service, or possibly execute arbitrary code. ... • https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •