Search Results (120838 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-5857 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-02-13 8.8 High
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially execute arbitrary code via a malicious file. (Chromium security severity: Medium)
CVE-2023-5853 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-02-13 4.3 Medium
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-5851 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-02-13 4.3 Medium
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-5850 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-02-13 4.3 Medium
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)
CVE-2023-5495 1 Qdocs 1 Smart School 2025-02-13 6.3 Medium
A vulnerability was found in QDocs Smart School 6.4.1. It has been classified as critical. This affects an unknown part of the file /course/filterRecords/ of the component HTTP POST Request Handler. The manipulation of the argument searchdata[0][title]/searchdata[0][searchfield]/searchdata[0][searchvalue] leads to sql injection. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-241647. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2023-5486 2 Debian, Google 2 Debian Linux, Chrome 2025-02-13 4.3 Medium
Inappropriate implementation in Input in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-5484 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-02-13 6.5 Medium
Inappropriate implementation in Navigation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-5483 2 Debian, Google 2 Debian Linux, Chrome 2025-02-13 6.5 Medium
Inappropriate implementation in Intents in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-5481 2 Debian, Google 2 Debian Linux, Chrome 2025-02-13 6.5 Medium
Inappropriate implementation in Downloads in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-5480 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-02-13 6.1 Medium
Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS preventions via a malicious file. (Chromium security severity: High)
CVE-2023-5478 2 Debian, Google 2 Debian Linux, Chrome 2025-02-13 4.3 Medium
Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-5473 2 Debian, Google 2 Debian Linux, Chrome 2025-02-13 6.3 Medium
Use after free in Cast in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-5186 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-02-13 8.8 High
Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: High)
CVE-2023-4909 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-02-13 4.3 Medium
Inappropriate implementation in Interstitials in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-4908 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-02-13 4.3 Medium
Inappropriate implementation in Picture in Picture in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-4907 3 Debian, Fedoraproject, Google 4 Debian Linux, Fedora, Android and 1 more 2025-02-13 4.3 Medium
Inappropriate implementation in Intents in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-4906 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-02-13 4.3 Medium
Insufficient policy enforcement in Autofill in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-4905 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-02-13 4.3 Medium
Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-4904 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-02-13 4.3 Medium
Insufficient policy enforcement in Downloads in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Enterprise policy restrictions via a crafted download. (Chromium security severity: Medium)
CVE-2023-4903 3 Debian, Fedoraproject, Google 4 Debian Linux, Fedora, Android and 1 more 2025-02-13 4.3 Medium
Inappropriate implementation in Custom Mobile Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)