CVE-2023-4761
https://notcve.org/view.php?id=CVE-2023-4761
Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) El acceso a memoria fuera de los límites en FedCM en Google Chrome anterior a 116.0.5845.179 permitió a un atacante remoto que había comprometido el proceso de renderizado realizar una lectura de memoria fuera de los límites a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html https://crbug.com/1476403 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3 https://security.gentoo.org/glsa/202311-11 https://security • CWE-125: Out-of-bounds Read •
CVE-2023-4572
https://notcve.org/view.php?id=CVE-2023-4572
Use after free in MediaStream in Google Chrome prior to 116.0.5845.140 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El uso gratuito en MediaStream en Google Chrome anterior a 116.0.5845.140 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_29.html https://crbug.com/1472492 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3 https://security.gentoo.org/glsa/202401-34 https://www& • CWE-416: Use After Free •
CVE-2019-13689
https://notcve.org/view.php?id=CVE-2019-13689
Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform arbitrary read/write via a malicious file. (Chromium security severity: Critical) • https://bugs.chromium.org/p/chromium/issues/detail?id=960109 https://crbug.com/960109 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2019-13690
https://notcve.org/view.php?id=CVE-2019-13690
Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High) • https://bugs.chromium.org/p/chromium/issues/detail?id=960111 https://crbug.com/960111 • CWE-269: Improper Privilege Management •
CVE-2022-4452
https://notcve.org/view.php?id=CVE-2022-4452
Insufficient data validation in crosvm in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) • https://bugs.chromium.org/p/chromium/issues/detail?id=1372457 https://crbug.com/1372457 •