CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-2462 – Debian Security Advisory 5398-1
https://notcve.org/view.php?id=CVE-2023-2462
02 May 2023 — Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to obfuscate main origin data via a crafted HTML page. (Chromium security severity: Medium) Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions greater than or equal to 113.0.5672.126 are affected. • https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop.html •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2023-2461 – Debian Security Advisory 5398-1
https://notcve.org/view.php?id=CVE-2023-2461
02 May 2023 — Use after free in OS Inputs in Google Chrome on ChromeOS prior to 113.0.5672.63 allowed a remote attacker who convinced a user to enage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium) Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions greater than or equal to 113.0.5672.126 are affected. • https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2023-2460 – Debian Security Advisory 5398-1
https://notcve.org/view.php?id=CVE-2023-2460
02 May 2023 — Insufficient validation of untrusted input in Extensions in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to bypass file access checks via a crafted HTML page. (Chromium security severity: Medium) Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions greater than or equal to 113.0.5672.126 are affected. • https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop.html •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-2459 – Debian Security Advisory 5398-1
https://notcve.org/view.php?id=CVE-2023-2459
02 May 2023 — Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to bypass permission restrictions via a crafted HTML page. (Chromium security severity: Medium) Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions greater than or equal to 113.0.5672.126 are affected. • https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop.html •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-2137 – Debian Security Advisory 5393-1
https://notcve.org/view.php?id=CVE-2023-2137
19 Apr 2023 — Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions greater than or equal to 113.0.5672.126 are affected. • https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 1%CPEs: 5EXPL: 0CVE-2023-2136 – Google Chrome Skia Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-2136
19 Apr 2023 — Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions greater than or equal to 113.0.5672.126 are affected. Google Chromium Skia contains an integer overflow vulnerability that allows a remote... • https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-2135 – Debian Security Advisory 5393-1
https://notcve.org/view.php?id=CVE-2023-2135
19 Apr 2023 — Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions greater than or equal to 113.0.5672.126 are affected. • https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-2134 – Debian Security Advisory 5393-1
https://notcve.org/view.php?id=CVE-2023-2134
19 Apr 2023 — Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions greater than or equal to 113.0.5672.126 are affected. • https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-2133 – Debian Security Advisory 5393-1
https://notcve.org/view.php?id=CVE-2023-2133
19 Apr 2023 — Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions greater than or equal to 113.0.5672.126 are affected. • https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 2CVE-2021-33970
https://notcve.org/view.php?id=CVE-2021-33970
19 Apr 2023 — Buffer Overflow vulnerability in Qihoo 360 Chrome v13.0.2170.0 allows attacker to escalate priveleges. • https://MemoryCorruptor.blogspot.com/p/vulnerabilities-disclosures.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •