Page 190 of 3350 results (0.009 seconds)

CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0

Use after free in Aura in Google Chrome on Linux prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en Aura en Google Chrome en Linux versiones anteriores a 89.0.4389.114, permitía a un atacante remoto que había comprometido el proceso del renderizador explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_30.html https://crbug.com/1179635 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EAJ42L4JFPBJATCZ7MOZQTUDGV4OEHHG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3GZ42MYPGD35V652ZPVPYYS7A7LVXVY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUZBGKGVZADNA3I24NVG7HAYYUTOSN5A https://security.gentoo.org/glsa/202104-08 • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

Heap buffer overflow in TabStrip in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en TabStrip en Google Chrome versiones anteriores a 89.0.4389.114, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_30.html https://crbug.com/1173903 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EAJ42L4JFPBJATCZ7MOZQTUDGV4OEHHG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3GZ42MYPGD35V652ZPVPYYS7A7LVXVY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUZBGKGVZADNA3I24NVG7HAYYUTOSN5A https://security.gentoo.org/glsa/202104-08 • CWE-787: Out-of-bounds Write •

CVSS: 7.4EPSS: 0%CPEs: 4EXPL: 0

Out of bounds read in IPC in Google Chrome prior to 89.0.4389.114 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Una lectura fuera de límites en IPC en Google Chrome versiones anteriores a 89.0.4389.114, permitía a un atacante remoto que había comprometido el proceso del renderizador llevar a cabo potencialmente un escape del sandbox por medio de una página HTML diseñada Looking at the Mojo implementation of Chrome's legacy IPC, the legacy ipc::Message type is transferred inside a BigBuffer. • http://packetstormsecurity.com/files/162973/Chrome-Legacy-ipc-Message-Passed-Via-Shared-Memory.html https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_30.html https://crbug.com/1184399 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EAJ42L4JFPBJATCZ7MOZQTUDGV4OEHHG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3GZ42MYPGD35V652ZPVPYYS7A7LVXVY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproje • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0

Heap buffer overflow in TabStrip in Google Chrome on Windows prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en TabStrip en Google Chrome en Windows versiones anteriores a 89.0.4389.114, permitió a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_30.html https://crbug.com/1175992 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EAJ42L4JFPBJATCZ7MOZQTUDGV4OEHHG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3GZ42MYPGD35V652ZPVPYYS7A7LVXVY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUZBGKGVZADNA3I24NVG7HAYYUTOSN5A https://security.gentoo.org/glsa/202104-08 • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0

Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de la memoria previamente liberada en screen sharing en Google Chrome versiones anteriores a 89.0.4389.114, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada • https://chromereleases.googleblog.com/2021/03/stable-channel-update-for-desktop_30.html https://crbug.com/1181228 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EAJ42L4JFPBJATCZ7MOZQTUDGV4OEHHG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U3GZ42MYPGD35V652ZPVPYYS7A7LVXVY https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VUZBGKGVZADNA3I24NVG7HAYYUTOSN5A https://security.gentoo.org/glsa/202104-08 • CWE-416: Use After Free •