Vulnerabilities (CVE)

Total 226656 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-1823 2 Fedoraproject, Google 2 Fedora, Chrome 2023-09-30 N/A 6.5 MEDIUM
Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-0705 1 Google 1 Chrome 2023-09-30 N/A 7.5 HIGH
Integer overflow in Core in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who had one a race condition to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-1811 2 Fedoraproject, Google 2 Fedora, Chrome 2023-09-30 N/A 8.8 HIGH
Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-0932 2 Google, Microsoft 2 Chrome, Windows 2023-09-30 N/A 8.8 HIGH
Use after free in WebRTC in Google Chrome on Windows prior to 110.0.5481.177 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-28286 1 Microsoft 1 Edge Chromium 2023-09-30 N/A 6.1 MEDIUM
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
CVE-2023-1814 2 Fedoraproject, Google 2 Fedora, Chrome 2023-09-30 N/A 6.5 MEDIUM
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass download checking via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-0927 1 Google 2 Android, Chrome 2023-09-30 N/A 8.8 HIGH
Use after free in Web Payments API in Google Chrome on Android prior to 110.0.5481.177 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1822 2 Fedoraproject, Google 2 Fedora, Chrome 2023-09-30 N/A 6.5 MEDIUM
Incorrect security UI in Navigation in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-1819 2 Fedoraproject, Google 2 Fedora, Chrome 2023-09-30 N/A 6.5 MEDIUM
Out of bounds read in Accessibility in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-2465 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-09-30 N/A 4.3 MEDIUM
Inappropriate implementation in CORS in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-2466 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-09-30 N/A 4.3 MEDIUM
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-0704 1 Google 1 Chrome 2023-09-30 N/A 6.5 MEDIUM
Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to bypass same origin policy and proxy settings via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-2463 3 Debian, Fedoraproject, Google 4 Debian Linux, Fedora, Android and 1 more 2023-09-30 N/A 4.3 MEDIUM
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-2460 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-09-30 N/A 7.1 HIGH
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to bypass file access checks via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-21794 1 Microsoft 1 Edge Chromium 2023-09-30 N/A 4.3 MEDIUM
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVE-2022-23303 2 Fedoraproject, W1.fi 3 Fedora, Hostapd, Wpa Supplicant 2023-09-30 6.8 MEDIUM 9.8 CRITICAL
The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494.
CVE-2023-0931 1 Google 1 Chrome 2023-09-30 N/A 8.8 HIGH
Use after free in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2134 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-09-30 N/A 8.8 HIGH
Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2723 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2023-09-30 N/A 8.8 HIGH
Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-1821 2 Fedoraproject, Google 2 Fedora, Chrome 2023-09-30 N/A 6.5 MEDIUM
Inappropriate implementation in WebShare in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)