VYPR

rpm package

opensuse/chromium&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed

Vulnerabilities (4,053)

  • CVE-2023-2134Apr 19, 2023
    affected < 112.0.5615.165-1.1fixed 112.0.5615.165-1.1

    Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-2133Apr 19, 2023
    affected < 112.0.5615.165-1.1fixed 112.0.5615.165-1.1

    Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-2033KEVApr 14, 2023
    affected < 112.0.5615.121-1.1fixed 112.0.5615.121-1.1

    Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-1823Apr 4, 2023
    affected < 112.0.5615.49-1.1fixed 112.0.5615.49-1.1

    Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2023-1822Apr 4, 2023
    affected < 112.0.5615.49-1.1fixed 112.0.5615.49-1.1

    Incorrect security UI in Navigation in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2023-1821Apr 4, 2023
    affected < 112.0.5615.49-1.1fixed 112.0.5615.49-1.1

    Inappropriate implementation in WebShare in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2023-1820Apr 4, 2023
    affected < 112.0.5615.49-1.1fixed 112.0.5615.49-1.1

    Heap buffer overflow in Browser History in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-1819Apr 4, 2023
    affected < 112.0.5615.49-1.1fixed 112.0.5615.49-1.1

    Out of bounds read in Accessibility in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-1818Apr 4, 2023
    affected < 112.0.5615.49-1.1fixed 112.0.5615.49-1.1

    Use after free in Vulkan in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-1817Apr 4, 2023
    affected < 112.0.5615.49-1.1fixed 112.0.5615.49-1.1

    Insufficient policy enforcement in Intents in Google Chrome on Android prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-1816Apr 4, 2023
    affected < 112.0.5615.49-1.1fixed 112.0.5615.49-1.1

    Incorrect security UI in Picture In Picture in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially perform navigation spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-1815Apr 4, 2023
    affected < 112.0.5615.49-1.1fixed 112.0.5615.49-1.1

    Use after free in Networking APIs in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-1814Apr 4, 2023
    affected < 112.0.5615.49-1.1fixed 112.0.5615.49-1.1

    Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass download checking via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-1813Apr 4, 2023
    affected < 112.0.5615.49-1.1fixed 112.0.5615.49-1.1

    Inappropriate implementation in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-1812Apr 4, 2023
    affected < 112.0.5615.49-1.1fixed 112.0.5615.49-1.1

    Out of bounds memory access in DOM Bindings in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-1811Apr 4, 2023
    affected < 112.0.5615.49-1.1fixed 112.0.5615.49-1.1

    Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-1810Apr 4, 2023
    affected < 112.0.5615.49-1.1fixed 112.0.5615.49-1.1

    Heap buffer overflow in Visuals in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-1534Mar 21, 2023
    affected < 111.0.5563.110-1.1fixed 111.0.5563.110-1.1

    Out of bounds read in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-1533Mar 21, 2023
    affected < 111.0.5563.110-1.1fixed 111.0.5563.110-1.1

    Use after free in WebProtect in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-1532Mar 21, 2023
    affected < 111.0.5563.110-1.1fixed 111.0.5563.110-1.1

    Out of bounds read in GPU Video in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Page 88 of 203