CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-3048 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3048
12 Sep 2022 — Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a local attacker to bypass lockscreen navigation restrictions via physical access to the device. Una implementación inapropiada en Chrome OS lockscreen en Google Chrome en Chrome OS versiones anteriores a 105.0.5195.52, permitía a un atacante local omitir las restricciones de navegación de la pantalla de bloqueo por medio del acceso físico al dispositivo. Multiple vulnerabilities have been found... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html • CWE-863: Incorrect Authorization •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-3053 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3053
12 Sep 2022 — Inappropriate implementation in Pointer Lock in Google Chrome on Mac prior to 105.0.5195.52 allowed a remote attacker to restrict user navigation via a crafted HTML page. Una implementación inapropiada de Pointer Lock en Google Chrome en Mac versiones anteriores a 105.0.5195.52, permitía a un atacante remoto restringir la navegación del usuario por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execu... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-3058 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3058
12 Sep 2022 — Use after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction. Un uso de memoria previamente liberada en Sign-In Flow en Google Chrome versiones anteriores a 105.0.5195.52, permitía que un atacante remoto que convenciera a un usuario de participar en interacciones específicas de la Interfaz de Usuario explotar potencialmente una corrupción de pila po... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-3039 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3039
12 Sep 2022 — Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en WebSQL en Google Chrome versiones anteriores a 105.0.5195.52, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Ve... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-3055 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3055
12 Sep 2022 — Use after free in Passwords in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Passwords en Google Chrome versiones anteriores a 105.0.5195.52, permitía a un atacante remoto que convencía a un usuario de participar en interacciones específicas de la Interfaz de Usuario explotar potencialmente una corrupción de pila por medio de un... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-3047 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3047
12 Sep 2022 — Insufficient policy enforcement in Extensions API in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page. Una aplicación insuficiente de políticas en Extensions API en Google Chrome versiones anteriores a 105.0.5195.52, permitía a un atacante que convenciera a un usuario de instalar una extensión maliciosa omitir la política de descargas por medio de una página HTML diseñada. Multiple vulnerabilitie... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html • CWE-602: Client-Side Enforcement of Server-Side Security •
CVSS: 10.0EPSS: 81%CPEs: 2EXPL: 2CVE-2022-3038 – Google Chromium Network Service Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2022-3038
12 Sep 2022 — Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Network Service en Google Chrome versiones anteriores a 105.0.5195.52, permitía a un atacante remoto explotar potencialmente una corrupción de pila por medio de una página HTML diseñada. Google Chrome version 103.0.5060.53 (Official Build) and Chromium version 105.0.5148.0 (Developer Build) (64-bit) suffe... • https://packetstorm.news/files/id/168596 • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0CVE-2022-3043 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3043
12 Sep 2022 — Heap buffer overflow in Screen Capture in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en Screen Capture de Google Chrome en Chrome OS versiones anteriores a 105.0.5195.52, permitía que un atacante remoto que convenciera a un usuario de realizar determinadas interacciones de la Interfaz de Usuario explotar potencialme... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-3056 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3056
12 Sep 2022 — Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to bypass content security policy via a crafted HTML page. Una aplicación insuficiente de políticas en Content Security Policy en Google Chrome versiones anteriores a 105.0.5195.52, permitía a un atacante remoto omitir la política de seguridad de contenidos por medio de una página HTML manipulada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of w... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html • CWE-693: Protection Mechanism Failure •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-3042 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3042
12 Sep 2022 — Use after free in PhoneHub in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en PhoneHub en Google Chrome en Chrome OS versiones anteriores a 105.0.5195.52, permitía a un atacante remoto explotar potencialmente una corrupción de pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result i... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •