VYPR

rpm package

opensuse/chromium&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed

Vulnerabilities (4,053)

  • CVE-2023-3422Jun 26, 2023
    affected < 114.0.5735.198-1.1fixed 114.0.5735.198-1.1

    Use after free in Guest View in Google Chrome prior to 114.0.5735.198 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-3421Jun 26, 2023
    affected < 114.0.5735.198-1.1fixed 114.0.5735.198-1.1

    Use after free in Media in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-3420Jun 26, 2023
    affected < 114.0.5735.198-1.1fixed 114.0.5735.198-1.1

    Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-3217Jun 13, 2023
    affected < 114.0.5735.133-1.1fixed 114.0.5735.133-1.1

    Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-3216Jun 13, 2023
    affected < 114.0.5735.133-1.1fixed 114.0.5735.133-1.1

    Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-3215Jun 13, 2023
    affected < 114.0.5735.133-1.1fixed 114.0.5735.133-1.1

    Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-3214Jun 13, 2023
    affected < 114.0.5735.133-1.1fixed 114.0.5735.133-1.1

    Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2023-3079KEVJun 5, 2023
    affected < 114.0.5735.106-1.1fixed 114.0.5735.106-1.1

    Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-2941May 30, 2023
    affected < 114.0.5735.90-1.1fixed 114.0.5735.90-1.1

    Inappropriate implementation in Extensions API in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the UI via a crafted Chrome Extension. (Chromium security severity: Low)

  • CVE-2023-2940May 30, 2023
    affected < 114.0.5735.90-1.1fixed 114.0.5735.90-1.1

    Inappropriate implementation in Downloads in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-2939May 30, 2023
    affected < 114.0.5735.90-1.1fixed 114.0.5735.90-1.1

    Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. (Chromium security severity: Medium)

  • CVE-2023-2938May 30, 2023
    affected < 114.0.5735.90-1.1fixed 114.0.5735.90-1.1

    Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-2937May 30, 2023
    affected < 114.0.5735.90-1.1fixed 114.0.5735.90-1.1

    Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-2936May 30, 2023
    affected < 114.0.5735.90-1.1fixed 114.0.5735.90-1.1

    Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-2935May 30, 2023
    affected < 114.0.5735.90-1.1fixed 114.0.5735.90-1.1

    Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-2934May 30, 2023
    affected < 114.0.5735.90-1.1fixed 114.0.5735.90-1.1

    Out of bounds memory access in Mojo in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-2933May 30, 2023
    affected < 114.0.5735.90-1.1fixed 114.0.5735.90-1.1

    Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

  • CVE-2023-2932May 30, 2023
    affected < 114.0.5735.90-1.1fixed 114.0.5735.90-1.1

    Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

  • CVE-2023-2931May 30, 2023
    affected < 114.0.5735.90-1.1fixed 114.0.5735.90-1.1

    Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

  • CVE-2023-2930May 30, 2023
    affected < 114.0.5735.90-1.1fixed 114.0.5735.90-1.1

    Use after free in Extensions in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Page 86 of 203