CVE-2023-4359
https://notcve.org/view.php?id=CVE-2023-4359
Inappropriate implementation in App Launcher in Google Chrome on iOS prior to 116.0.5845.96 allowed a remote attacker to potentially spoof elements of the security UI via a crafted HTML page. (Chromium security severity: Medium) Una implementación inadecuada en App Launcher en Google Chrome en iOS anterior a 116.0.5845.96 permitía a un atacante remoto falsificar potencialmente elementos de la interfaz de usuario de seguridad a través de una página HTML manipulada. (Gravedad de seguridad de Chromium: Media) • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html https://crbug.com/1443722 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DMXHPRUGBUDNHZCZCIVMWAUIEXEGMGT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security/2023/dsa-5479 •
CVE-2023-4358
https://notcve.org/view.php?id=CVE-2023-4358
Use after free in DNS in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html https://crbug.com/1466415 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DMXHPRUGBUDNHZCZCIVMWAUIEXEGMGT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security/2023/dsa-5479 • CWE-416: Use After Free •
CVE-2023-4357
https://notcve.org/view.php?id=CVE-2023-4357
Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium) • https://github.com/OgulcanUnveren/CVE-2023-4357-APT-Style-exploitation https://github.com/lon5948/CVE-2023-4357-Exploitation https://github.com/passwa11/CVE-2023-4357-APT-Style-exploitation https://github.com/xcanwin/CVE-2023-4357-Chrome-XXE https://github.com/sunu11/chrome-CVE-2023-4357 https://github.com/CamillaFranceschini/CVE-2023-4357 https://github.com/WinnieZy/CVE-2023-4357 https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html https://crbug.com/14 • CWE-20: Improper Input Validation •
CVE-2023-4356
https://notcve.org/view.php?id=CVE-2023-4356
Use after free in Audio in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) • https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html https://crbug.com/1449929 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DMXHPRUGBUDNHZCZCIVMWAUIEXEGMGT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S https://security.gentoo.org/glsa/202401-34 https://www.debian.org/security/2023/dsa-5479 • CWE-416: Use After Free •
CVE-2023-4355 – Chrome Dangling FixedArray Pointers / Memory Corruption
https://notcve.org/view.php?id=CVE-2023-4355
Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Chrome suffers from an issue with dangling FixedArray pointers in Torque that can lead to memory corruption. • http://packetstormsecurity.com/files/174950/Chrome-Dangling-FixedArray-Pointers-Memory-Corruption.html https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html https://crbug.com/1468943 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2DMXHPRUGBUDNHZCZCIVMWAUIEXEGMGT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCFEK63FUHFXZH5MSG6TNQOXMQWM4M5S https://security.gentoo.org/glsa/202401-34 https://www.debian.org/securit • CWE-787: Out-of-bounds Write •