Vulnerabilities > Google > Chrome > 116.0.5845.140

DATE CVE VULNERABILITY TITLE RISK
2023-09-28 CVE-2023-5187 Use After Free vulnerability in multiple products
Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-416
8.8
8.8
2023-09-12 CVE-2023-4900 Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate a permission prompt via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
4.3
2023-09-12 CVE-2023-4901 Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to potentially spoof security UI via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
4.3
2023-09-12 CVE-2023-4902 Inappropriate implementation in Input in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
4.3
2023-09-12 CVE-2023-4903 Inappropriate implementation in Custom Mobile Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
4.3
2023-09-12 CVE-2023-4904 Insufficient policy enforcement in Downloads in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Enterprise policy restrictions via a crafted download.
network
low complexity
google fedoraproject debian
4.3
4.3
2023-09-12 CVE-2023-4905 Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
4.3
2023-09-12 CVE-2023-4906 Insufficient policy enforcement in Autofill in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
4.3
2023-09-12 CVE-2023-4907 Inappropriate implementation in Intents in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
4.3
2023-09-12 CVE-2023-4908 Inappropriate implementation in Picture in Picture in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
4.3