CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-3051 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3051
26 Sep 2022 — Heap buffer overflow in Exosphere in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. Un desbordamiento del búfer de la pila en Exosphere en Google Chrome en Chrome OS, Lacros versiones anteriores a 105.0.5195.52, permitía a un atacante remoto que convenciera a un usuario de participar en interacciones específicas de la Interfaz de Usuario explotar... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-3050 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3050
26 Sep 2022 — Heap buffer overflow in WebUI in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. Un desbordamiento del búfer de la pila en WebUI de Google Chrome en Chrome OS versiones anteriores a 105.0.5195.52, permitía que un atacante remoto que convenciera a un usuario de participar en interacciones específicas de la Interfaz de Usuario explotar potencialmente una co... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2022-3049 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3049
26 Sep 2022 — Use after free in SplitScreen in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en SplitScreen en Google Chrome en Chrome OS, Lacros versiones anteriores a 105.0.5195.52, permitió a un atacante remoto que convenció a un usuario de participar en interacciones específicas de la Interfaz de Usuario específicos para... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-3048 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3048
26 Sep 2022 — Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a local attacker to bypass lockscreen navigation restrictions via physical access to the device. Una implementación inapropiada en Chrome OS lockscreen en Google Chrome en Chrome OS versiones anteriores a 105.0.5195.52, permitía a un atacante local omitir las restricciones de navegación de la pantalla de bloqueo por medio del acceso físico al dispositivo. Multiple vulnerabilities have been found... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-3043 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3043
26 Sep 2022 — Heap buffer overflow in Screen Capture in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en Screen Capture de Google Chrome en Chrome OS versiones anteriores a 105.0.5195.52, permitía que un atacante remoto que convenciera a un usuario de realizar determinadas interacciones de la Interfaz de Usuario explotar potencialme... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-3042 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3042
26 Sep 2022 — Use after free in PhoneHub in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en PhoneHub en Google Chrome en Chrome OS versiones anteriores a 105.0.5195.52, permitía a un atacante remoto explotar potencialmente una corrupción de pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result i... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-3201 – Gentoo Linux Security Advisory 202311-11
https://notcve.org/view.php?id=CVE-2022-3201
26 Sep 2022 — Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High) La validación insuficiente de las entradas no fiables en DevTools en Google Chrome en el sistema operativo Chrome anterior a la versión 105.0.5195.125 permitía a un atacante que convenciera a un usuario de instalar una extensión malici... • https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-2620 – Gentoo Linux Security Advisory 202208-35
https://notcve.org/view.php?id=CVE-2022-2620
12 Aug 2022 — Use after free in WebUI in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. Un uso de la memoria previamente liberada en WebUI en Google Chrome en Chrome OS versiones anteriores a 104.0.5112.79, permitía a un atacante remoto que convenciera a un usuario para participar en las interacciones de usuario específicas para potencialmente explotar la corrupció... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop.html • CWE-665: Improper Initialization •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-2613 – Gentoo Linux Security Advisory 202208-35
https://notcve.org/view.php?id=CVE-2022-2613
12 Aug 2022 — Use after free in Input in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific UI interactions. Un uso de la memoria previamente liberada en Input en Google Chrome en Chrome OS versiones anteriores a 104.0.5112.79, permitía a un atacante remoto que convenciera a un usuario de participar en interacciones de usuario específicas explotar potencialmente la corrupción de la pila... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-2609 – Gentoo Linux Security Advisory 202208-35
https://notcve.org/view.php?id=CVE-2022-2609
12 Aug 2022 — Use after free in Nearby Share in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. Un uso de la memoria previamente liberada en Nearby Share en Google Chrome en Chrome OS versiones anteriores a 104.0.5112.79, permitía a un atacante remoto que convencía a un usuario de participar en interacciones de usuario específicas explotar potencialmente la corrupci... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •