rpm package
suse/chromium&distro=SUSE Package Hub 15 SP6
pkg:rpm/suse/chromium&distro=SUSE%20Package%20Hub%2015%20SP6
Vulnerabilities (196)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-7976 | Med | 4.3 | < 128.0.6613.84-bp156.2.17.1 | 128.0.6613.84-bp156.2.17.1 | Aug 21, 2024 | Inappropriate implementation in FedCM in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | |
| CVE-2024-7975 | Med | 4.3 | < 128.0.6613.84-bp156.2.17.1 | 128.0.6613.84-bp156.2.17.1 | Aug 21, 2024 | Inappropriate implementation in Permissions in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | |
| CVE-2024-7974 | Hig | 8.8 | < 128.0.6613.84-bp156.2.17.1 | 128.0.6613.84-bp156.2.17.1 | Aug 21, 2024 | Insufficient data validation in V8 API in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium) | |
| CVE-2024-7973 | Hig | 8.8 | < 128.0.6613.84-bp156.2.17.1 | 128.0.6613.84-bp156.2.17.1 | Aug 21, 2024 | Heap buffer overflow in PDFium in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. (Chromium security severity: Medium) | |
| CVE-2024-7972 | Hig | 8.8 | < 128.0.6613.84-bp156.2.17.1 | 128.0.6613.84-bp156.2.17.1 | Aug 21, 2024 | Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) | |
| CVE-2024-7971 | Cri | 9.6 | KEV | < 128.0.6613.84-bp156.2.17.1 | 128.0.6613.84-bp156.2.17.1 | Aug 21, 2024 | Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2024-7969 | Hig | 8.8 | < 128.0.6613.84-bp156.2.17.1 | 128.0.6613.84-bp156.2.17.1 | Aug 21, 2024 | Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2024-7968 | Hig | 8.8 | < 128.0.6613.84-bp156.2.17.1 | 128.0.6613.84-bp156.2.17.1 | Aug 21, 2024 | Use after free in Autofill in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2024-7967 | Hig | 8.8 | < 128.0.6613.84-bp156.2.17.1 | 128.0.6613.84-bp156.2.17.1 | Aug 21, 2024 | Heap buffer overflow in Fonts in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2024-7966 | Hig | 8.8 | < 128.0.6613.84-bp156.2.17.1 | 128.0.6613.84-bp156.2.17.1 | Aug 21, 2024 | Out of bounds memory access in Skia in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2024-7965 | Hig | 8.8 | KEV | < 128.0.6613.84-bp156.2.17.1 | 128.0.6613.84-bp156.2.17.1 | Aug 21, 2024 | Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2024-7964 | Hig | 8.8 | < 128.0.6613.84-bp156.2.17.1 | 128.0.6613.84-bp156.2.17.1 | Aug 21, 2024 | Use after free in Passwords in Google Chrome on Android prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2024-7550 | Hig | 8.8 | < 127.0.6533.119-bp156.2.14.1 | 127.0.6533.119-bp156.2.14.1 | Aug 6, 2024 | Type Confusion in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2024-7536 | Hig | 8.8 | < 127.0.6533.119-bp156.2.14.1 | 127.0.6533.119-bp156.2.14.1 | Aug 6, 2024 | Use after free in WebAudio in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2024-7535 | Hig | 8.8 | < 127.0.6533.119-bp156.2.14.1 | 127.0.6533.119-bp156.2.14.1 | Aug 6, 2024 | Inappropriate implementation in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2024-7534 | Hig | 8.8 | < 127.0.6533.119-bp156.2.14.1 | 127.0.6533.119-bp156.2.14.1 | Aug 6, 2024 | Heap buffer overflow in Layout in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2024-7533 | Hig | 8.8 | < 127.0.6533.119-bp156.2.14.1 | 127.0.6533.119-bp156.2.14.1 | Aug 6, 2024 | Use after free in Sharing in Google Chrome on iOS prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |
| CVE-2024-7532 | Hig | 8.8 | < 127.0.6533.119-bp156.2.14.1 | 127.0.6533.119-bp156.2.14.1 | Aug 6, 2024 | Out of bounds memory access in ANGLE in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | |
| CVE-2024-7005 | Med | 4.3 | < 127.0.6533.119-bp156.2.14.1 | 127.0.6533.119-bp156.2.14.1 | Aug 6, 2024 | Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. (Chromium security severity: Low) | |
| CVE-2024-7004 | Med | 4.3 | < 127.0.6533.119-bp156.2.14.1 | 127.0.6533.119-bp156.2.14.1 | Aug 6, 2024 | Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. (Chromium security severity: Low) |
- affected < 128.0.6613.84-bp156.2.17.1fixed 128.0.6613.84-bp156.2.17.1
Inappropriate implementation in FedCM in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
- affected < 128.0.6613.84-bp156.2.17.1fixed 128.0.6613.84-bp156.2.17.1
Inappropriate implementation in Permissions in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
- affected < 128.0.6613.84-bp156.2.17.1fixed 128.0.6613.84-bp156.2.17.1
Insufficient data validation in V8 API in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)
- affected < 128.0.6613.84-bp156.2.17.1fixed 128.0.6613.84-bp156.2.17.1
Heap buffer overflow in PDFium in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. (Chromium security severity: Medium)
- affected < 128.0.6613.84-bp156.2.17.1fixed 128.0.6613.84-bp156.2.17.1
Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)
- affected < 128.0.6613.84-bp156.2.17.1fixed 128.0.6613.84-bp156.2.17.1
Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- affected < 128.0.6613.84-bp156.2.17.1fixed 128.0.6613.84-bp156.2.17.1
Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- affected < 128.0.6613.84-bp156.2.17.1fixed 128.0.6613.84-bp156.2.17.1
Use after free in Autofill in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- affected < 128.0.6613.84-bp156.2.17.1fixed 128.0.6613.84-bp156.2.17.1
Heap buffer overflow in Fonts in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- affected < 128.0.6613.84-bp156.2.17.1fixed 128.0.6613.84-bp156.2.17.1
Out of bounds memory access in Skia in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
- affected < 128.0.6613.84-bp156.2.17.1fixed 128.0.6613.84-bp156.2.17.1
Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- affected < 128.0.6613.84-bp156.2.17.1fixed 128.0.6613.84-bp156.2.17.1
Use after free in Passwords in Google Chrome on Android prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- affected < 127.0.6533.119-bp156.2.14.1fixed 127.0.6533.119-bp156.2.14.1
Type Confusion in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- affected < 127.0.6533.119-bp156.2.14.1fixed 127.0.6533.119-bp156.2.14.1
Use after free in WebAudio in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- affected < 127.0.6533.119-bp156.2.14.1fixed 127.0.6533.119-bp156.2.14.1
Inappropriate implementation in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- affected < 127.0.6533.119-bp156.2.14.1fixed 127.0.6533.119-bp156.2.14.1
Heap buffer overflow in Layout in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- affected < 127.0.6533.119-bp156.2.14.1fixed 127.0.6533.119-bp156.2.14.1
Use after free in Sharing in Google Chrome on iOS prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- affected < 127.0.6533.119-bp156.2.14.1fixed 127.0.6533.119-bp156.2.14.1
Out of bounds memory access in ANGLE in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
- affected < 127.0.6533.119-bp156.2.14.1fixed 127.0.6533.119-bp156.2.14.1
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. (Chromium security severity: Low)
- affected < 127.0.6533.119-bp156.2.14.1fixed 127.0.6533.119-bp156.2.14.1
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. (Chromium security severity: Low)
Page 7 of 10