CVE-2023-4366
https://notcve.org/view.php?id=CVE-2023-4366
Use after free in Extensions in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) use-after-free en Extensions de Google Chrome antes de 116.0.5845.96 permitió a un atacante que convenció a un usuario para instalar una extensión maliciosa potencialmente explotar la corrupción de heap a través de una página HTML crafted. (Gravedad de seguridad de Chromium: Media) • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html https://crbug.com/1450784 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DMXHPRUGBUDNHZCZCIVMWAUIEXEGMGT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security/2023/dsa-5479 • CWE-416: Use After Free •
CVE-2023-4365
https://notcve.org/view.php?id=CVE-2023-4365
Inappropriate implementation in Fullscreen in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) Una implementación inadecuada en Fullscreen en Google Chrome anterior a 116.0.5845.96 permitía a un atacante remoto ofuscar la IU de seguridad a través de una página HTML crafteada. (Gravedad de seguridad de Chromium: Media) • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html https://crbug.com/1431043 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DMXHPRUGBUDNHZCZCIVMWAUIEXEGMGT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security/2023/dsa-5479 •
CVE-2023-4364
https://notcve.org/view.php?id=CVE-2023-4364
Inappropriate implementation in Permission Prompts in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) Una implementación inadecuada en Permission Prompts de Google Chrome anteriores a la versión 116.0.5845.96 permitía a un atacante remoto ofuscar la interfaz de usuario de seguridad a través de una página HTML manipulada. (Gravedad de seguridad de Chromium: Media) • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html https://crbug.com/1406922 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DMXHPRUGBUDNHZCZCIVMWAUIEXEGMGT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security/2023/dsa-5479 •
CVE-2023-4363
https://notcve.org/view.php?id=CVE-2023-4363
Inappropriate implementation in WebShare in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to spoof the contents of a dialog URL via a crafted HTML page. (Chromium security severity: Medium) Una implementación inadecuada en WebShare en Google Chrome en Android anterior a 116.0.5845.96 permitía a un atacante remoto falsificar el contenido de una URL de diálogo a través de una página HTML manipulada. (Gravedad de seguridad de Chromium: Media) • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html https://crbug.com/1367085 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DMXHPRUGBUDNHZCZCIVMWAUIEXEGMGT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security/2023/dsa-5479 •
CVE-2023-4362
https://notcve.org/view.php?id=CVE-2023-4362
Heap buffer overflow in Mojom IDL in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) El desbordamiento del búfer heap en Mojom IDL en Google Chrome anterior a 116.0.5845.96 permitía a un atacante remoto que hubiera comprometido el proceso del renderizador y obtenido el control de un proceso WebUI explotar potencialmente la corrupción del heap a través de una página HTML manipulada. (Gravedad de seguridad de Chromium: Media) • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html https://crbug.com/1316379 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DMXHPRUGBUDNHZCZCIVMWAUIEXEGMGT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security/2023/dsa-5479 • CWE-787: Out-of-bounds Write •