rpm package

opensuse/opera&distro=openSUSE Leap 15.5 NonFree

pkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.5%20NonFree

Vulnerabilities (188)

CVE	CVSS	KEV	Affected versions	Fixed in	Published	Description
CVE-2023-2724	—		< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	May 16, 2023	Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2723	—		< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	May 16, 2023	Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2722	—		< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	May 16, 2023	Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2721	—		< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	May 16, 2023	Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
CVE-2023-2137	—		< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	Apr 19, 2023	Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-2136	—	KEV	< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	Apr 19, 2023	Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2135	—		< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	Apr 19, 2023	Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2134	—		< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	Apr 19, 2023	Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2133	—		< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	Apr 19, 2023	Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2033	—	KEV	< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	Apr 14, 2023	Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1534	—		< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	Mar 21, 2023	Out of bounds read in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1533	—		< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	Mar 21, 2023	Use after free in WebProtect in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1532	—		< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	Mar 21, 2023	Out of bounds read in GPU Video in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1531	—		< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	Mar 21, 2023	Use after free in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1530	—		< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	Mar 21, 2023	Use after free in PDF in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1529	—		< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	Mar 21, 2023	Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device. (Chromium security severity: High)
CVE-2023-1528	—		< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	Mar 21, 2023	Use after free in Passwords in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1236	—		< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	Mar 7, 2023	Inappropriate implementation in Internals in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to spoof the origin of an iframe via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-1235	—		< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	Mar 7, 2023	Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted UI interaction. (Chromium security severity: Low)
CVE-2023-1234	—		< 99.0.4788.13-lp155.3.6.1	99.0.4788.13-lp155.3.6.1	Mar 7, 2023	Inappropriate implementation in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)

CVE-2023-2724May 16, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2723May 16, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2722May 16, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2721May 16, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
CVE-2023-2137Apr 19, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-2136KEVApr 19, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2135Apr 19, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2134Apr 19, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2133Apr 19, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2033KEVApr 14, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1534Mar 21, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Out of bounds read in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1533Mar 21, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Use after free in WebProtect in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1532Mar 21, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Out of bounds read in GPU Video in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1531Mar 21, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Use after free in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1530Mar 21, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Use after free in PDF in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1529Mar 21, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device. (Chromium security severity: High)
CVE-2023-1528Mar 21, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Use after free in Passwords in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1236Mar 7, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Inappropriate implementation in Internals in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to spoof the origin of an iframe via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-1235Mar 7, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted UI interaction. (Chromium security severity: Low)
CVE-2023-1234Mar 7, 2023
affected < 99.0.4788.13-lp155.3.6.1fixed 99.0.4788.13-lp155.3.6.1
Inappropriate implementation in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)

Page 6 of 10