Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2023-2033

Published: 14/04/2023 Updated: 30/09/2023
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
Subscribe to Chrome

Vulnerability Summary

Type confusion in V8 in Google Chrome before 112.0.5615.121 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

debian debian linux 11.0

Vendor Advisories

Debian Security Advisories: DSA-5390-1 chromium -- security update
Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code For the stable distribution (bullseye), this problem has been fixed in version 11205615121-1~deb11u1 We recommend that you upgrade your chromium packages For the detailed security status of chromium please refer to its security tracker ...
Google Chrome: Stable Channel Update for Desktop
The Stable and extended stable channel has been updated to 11205615121 for Windows Mac and Linux  which will roll out over the coming days/weeks A full list of changes in this build is available in the logM112 Stable Update for Desktop - v11205615121Security Fixes and RewardsNote: Access to bug details and links may be kept restr ...
Google Chrome: Long Term Support Channel Update for ChromeOS
LTS-108 is being updated in the LTS channel to 10805359230 (Platform Version: 15183930) for most ChromeOS devices Want to know more about Long Term Support? Click hereThis update contains multiple Security fixes, including:1421268 High  CVE-2023-1532 Out of bounds read in GPU Video1420510 High&nbs ...

Github Repositories

CVE-2023-2033 cve-2023-2033 exploit

CVE-2023-2033 coming soon

CVE-2023-2033 Reproduce CVE-2023-2033

Exploit for CVE-2023-2033

TISC 2023 Write Up Level 1 - Disk Archaeology In this challenge, we were provided with challengeimg, which contained ext4 filesystem data As this is a forensics challenge, I started off by opening the image file in Autopsy Once everything has loaded, we were able to see that there is a file of interest, an ELF binary,under the 'Deleted Files' category In order to

Github CVE Monitor Automatic monitor github cve using Github Actions Last generated : 2023-08-10 02:27:54320425 CVE Name Description Date CVE-2023-51504 Sybelle03/CVE-2023-51504 This is a dockerized reproduction of the MotoCMS SQL injection (cf exploit db) 2023-06-08T07:37:08Z CVE-2023-38814 actuator/BSIDES-Security-Rochester-2023 Hardware Hacking: A Brief Primer on

Github CVE Monitor Automatic monitor github cve using Github Actions Last generated : 2023-07-21 13:57:04700072 CVE Name Description Date CVE-2023-38632 Halcy0nic/CVE-2023-38632 Proof of concept for CVE-2023-38632 2023-07-21T05:03:57Z CVE-2023-38434 Halcy0nic/CVE-2023-38434 Proof of Concept for CVE-2023-38434 2023-07-18T16:09:04Z CVE-2023-38408 snowcra5h/CVE-2023-

Recent Articles

IT threat evolution in Q2 2023. Non-mobile statistics
Securelist • AMR • 30 Aug 2023

IT threat evolution in Q2 2023
IT threat evolution in Q2 2023. Non-mobile statistics
IT threat evolution in Q2 2023. Mobile statistics

These statistics are based on detection verdicts of Kaspersky products and services received from users who consented to providing statistical data.
Quarterly figures
According to Kaspersky Security Network, in Q2 2023:

Kaspersky solutions blocked 801,934,281 attacks from online resources across the globe.
A...

Read more...
Update now: Google emits emergency fix for zero-day Chrome vulnerability
The Register

Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Also: Tech players spin up white hat protection, this week's critical bugs, and more

In brief Google on Friday released an emergency update for Chrome to address a zero-day security flaw.
The vulnerability, tracked as CVE-2023-2033, can be exploited by a malicious webpage to run arbitrary code in the browser. Thus, surfing to a bad website with a vulnerable browser could lead to your device being hijacked. Exploit code for this hole is said to be circulating, and may well be in use already by miscreants.
This high-severity type-confusion bug is present in at least Ch...

Read more...

References

CWE-843https://crbug.com/1432210https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_14.htmlhttps://www.debian.org/security/2023/dsa-5390https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FEJZMAUB4XP44HSHEBDWEKFGA7DUHY42/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4AOSGAOPXLBK4A5ZRTVZ4M6QKVLSWMWG/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RJQI63HWZFL6M26Q6UOHKDY6LD2PFC5Z/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHHD6KNH4WLUE6JG6HRQZWNAJMHJ32X7/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLO7BL2MHZYPY6O3OAEAQL3SKYMGGO6M/https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ES2CDRHR2Y4WY6DNDIAPYZFXJU3ZBFAV/https://security.gentoo.org/glsa/202309-17https://github.com/WalccDev/CVE-2023-2033https://www.theregister.co.uk/2023/04/17/chrome_emergency_patch/https://nvd.nist.govhttps://www.debian.org/security/2023/dsa-5390
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
insecure direct object referenceCVE-2023-30736CVE-2023-39647CVE-2023-42793injectCVE-2023-20101CVE-2023-4497XXECVE-2023-5217
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook