Search for packages
| purl | pkg:deb/debian/chromium@114.0.5735.198-1~deb12u1 |
| Tags | Ghost |
| Next non-vulnerable version | 137.0.7151.119-1 |
| Latest non-vulnerable version | 137.0.7151.119-1 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-18p3-qpvk-aaas
Aliases: CVE-2023-4352 |
Type confusion in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-1xjj-9wu3-aaaj
Aliases: CVE-2023-4368 |
Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-3bx1-jvmj-aaac
Aliases: CVE-2023-4362 |
Heap buffer overflow in Mojom IDL in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-3r7e-zxvp-aaac
Aliases: CVE-2023-4357 |
Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-4dua-77vw-aaas
Aliases: CVE-2023-4367 |
Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-4eme-z1zh-aaaf
Aliases: CVE-2023-4427 |
Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-55tp-dpqp-aaas
Aliases: CVE-2023-4355 |
Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-5w8w-wbpc-aaad
Aliases: CVE-2023-4360 |
Inappropriate implementation in Color in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-6x8m-h86p-aaab
Aliases: CVE-2023-4364 |
Inappropriate implementation in Permission Prompts in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-6y8s-jybd-aaan
Aliases: CVE-2023-4353 |
Heap buffer overflow in ANGLE in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-6zu1-va31-aaas
Aliases: CVE-2023-4359 |
Inappropriate implementation in App Launcher in Google Chrome on iOS prior to 116.0.5845.96 allowed a remote attacker to potentially spoof elements of the security UI via a crafted HTML page. (Chromium security severity: Medium) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-85pw-58uc-aaad
Aliases: CVE-2023-4363 |
Inappropriate implementation in WebShare in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to spoof the contents of a dialog URL via a crafted HTML page. (Chromium security severity: Medium) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-9rqn-688c-aaah
Aliases: CVE-2023-2312 |
Use after free in Offline in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-a5gw-4dam-aaap
Aliases: CVE-2023-4429 |
Use after free in Loader in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-agda-vfzj-aaan
Aliases: CVE-2023-4365 |
Inappropriate implementation in Fullscreen in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-ah2f-7bs4-aaab
Aliases: CVE-2023-4068 |
Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-anb2-ne3b-aaaa
Aliases: CVE-2023-4350 |
Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-bjsf-dtcf-aaah
Aliases: CVE-2023-4354 |
Heap buffer overflow in Skia in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-ch85-m46p-aaac
Aliases: CVE-2023-4077 |
Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-dvug-wqzw-aaaf
Aliases: CVE-2023-4356 |
Use after free in Audio in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-dxup-28n6-aaab
Aliases: CVE-2023-4430 |
Use after free in Vulkan in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-etq2-mv1j-aaaj
Aliases: CVE-2023-4073 |
Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-fmuz-kft6-aaae
Aliases: CVE-2023-4349 |
Use after free in Device Trust Connectors in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-gm2f-8kf7-aaag
Aliases: CVE-2023-4070 |
Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-h2yc-9s9p-aaae
Aliases: CVE-2023-4075 |
Use after free in Cast in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-h57c-xaza-aaaj
Aliases: CVE-2023-4358 |
Use after free in DNS in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-jw1n-tjzw-aaah
Aliases: CVE-2023-4076 |
Use after free in WebRTC in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC session. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-jz88-2d3m-aaaq
Aliases: CVE-2023-4431 |
Out of bounds memory access in Fonts in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-m7sb-4ecm-aaad
Aliases: CVE-2023-4071 |
Heap buffer overflow in Visuals in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-qykv-qwc3-aaan
Aliases: CVE-2023-4069 |
Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-rc96-t7xf-aaaj
Aliases: CVE-2023-4074 |
Use after free in Blink Task Scheduling in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-rq35-kc32-aaam
Aliases: CVE-2023-4078 |
Inappropriate implementation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-sc7v-xqdy-aaam
Aliases: CVE-2023-4428 |
Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-uzc7-zyaf-aaac
Aliases: CVE-2023-4351 |
Use after free in Network in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has elicited a browser shutdown to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-v8vs-zft9-aaae
Aliases: CVE-2023-4072 |
Out of bounds read and write in WebGL in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-xpkr-huan-aaak
Aliases: CVE-2023-4366 |
Use after free in Extensions in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
|
VCID-yuan-5a36-aaan
Aliases: CVE-2023-4361 |
Inappropriate implementation in Autofill in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Medium) |
Affected by 0 other vulnerabilities. Affected by 0 other vulnerabilities. Affected by 309 other vulnerabilities.
This version is affected by these other vulnerabilities:
|
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|