CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-1236
https://notcve.org/view.php?id=CVE-2023-1236
Inappropriate implementation in Internals in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to spoof the origin of an iframe via a crafted HTML page. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html https://crbug.com/1374518 •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-1235
https://notcve.org/view.php?id=CVE-2023-1235
Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted UI interaction. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html https://crbug.com/1404704 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-1234
https://notcve.org/view.php?id=CVE-2023-1234
Inappropriate implementation in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html https://crbug.com/1404621 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-1233
https://notcve.org/view.php?id=CVE-2023-1233
Insufficient policy enforcement in Resource Timing in Google Chrome prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from API via a crafted Chrome Extension. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html https://crbug.com/1045681 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-1232
https://notcve.org/view.php?id=CVE-2023-1232
Insufficient policy enforcement in Resource Timing in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to obtain potentially sensitive information from API via a crafted HTML page. (Chromium security severity: Low) • https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html https://crbug.com/1346924 •