VYPR

rpm package

suse/chromium&distro=SUSE Package Hub 15 SP4

pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP4

Vulnerabilities (403)

  • CVE-2023-6351HigNov 29, 2023
    affected < 119.0.6045.199-bp155.2.61.1fixed 119.0.6045.199-bp155.2.61.1

    Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High)

  • CVE-2023-6350HigNov 29, 2023
    affected < 119.0.6045.199-bp155.2.61.1fixed 119.0.6045.199-bp155.2.61.1

    Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High)

  • CVE-2023-6348HigNov 29, 2023
    affected < 119.0.6045.199-bp155.2.61.1fixed 119.0.6045.199-bp155.2.61.1

    Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-6347HigNov 29, 2023
    affected < 119.0.6045.199-bp155.2.61.1fixed 119.0.6045.199-bp155.2.61.1

    Use after free in Mojo in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-6346HigNov 29, 2023
    affected < 119.0.6045.199-bp155.2.61.1fixed 119.0.6045.199-bp155.2.61.1

    Use after free in WebAudio in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-6345CriKEVNov 29, 2023
    affected < 119.0.6045.199-bp155.2.61.1fixed 119.0.6045.199-bp155.2.61.1

    Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)

  • CVE-2023-6112HigNov 15, 2023
    affected < 119.0.6045.159-bp155.2.58.1fixed 119.0.6045.159-bp155.2.58.1

    Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-5997HigNov 15, 2023
    affected < 119.0.6045.159-bp155.2.58.1fixed 119.0.6045.159-bp155.2.58.1

    Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-5996HigNov 8, 2023
    affected < 119.0.6045.123-bp155.2.55.1fixed 119.0.6045.123-bp155.2.55.1

    Use after free in WebAudio in Google Chrome prior to 119.0.6045.123 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-5859MedNov 1, 2023
    affected < 119.0.6045.123-bp155.2.55.1fixed 119.0.6045.123-bp155.2.55.1

    Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. (Chromium security severity: Low)

  • CVE-2023-5858MedNov 1, 2023
    affected < 119.0.6045.123-bp155.2.55.1fixed 119.0.6045.123-bp155.2.55.1

    Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2023-5857HigNov 1, 2023
    affected < 119.0.6045.123-bp155.2.55.1fixed 119.0.6045.123-bp155.2.55.1

    Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially execute arbitrary code via a malicious file. (Chromium security severity: Medium)

  • CVE-2023-5856HigNov 1, 2023
    affected < 119.0.6045.123-bp155.2.55.1fixed 119.0.6045.123-bp155.2.55.1

    Use after free in Side Panel in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-5855HigNov 1, 2023
    affected < 119.0.6045.123-bp155.2.55.1fixed 119.0.6045.123-bp155.2.55.1

    Use after free in Reading Mode in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

  • CVE-2023-5854HigNov 1, 2023
    affected < 119.0.6045.123-bp155.2.55.1fixed 119.0.6045.123-bp155.2.55.1

    Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

  • CVE-2023-5853MedNov 1, 2023
    affected < 119.0.6045.123-bp155.2.55.1fixed 119.0.6045.123-bp155.2.55.1

    Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-5852HigNov 1, 2023
    affected < 119.0.6045.123-bp155.2.55.1fixed 119.0.6045.123-bp155.2.55.1

    Use after free in Printing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

  • CVE-2023-5851MedNov 1, 2023
    affected < 119.0.6045.123-bp155.2.55.1fixed 119.0.6045.123-bp155.2.55.1

    Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-5850MedNov 1, 2023
    affected < 119.0.6045.123-bp155.2.55.1fixed 119.0.6045.123-bp155.2.55.1

    Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)

  • CVE-2023-5849HigNov 1, 2023
    affected < 119.0.6045.123-bp155.2.55.1fixed 119.0.6045.123-bp155.2.55.1

    Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Page 1 of 21