CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-3195 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3195
26 Sep 2022 — Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) Una escritura fuera de límites en Storage en Google Chrome versiones anteriores a 105.0.5195.125, permitía a un atacante remoto llevar a cabo una escritura en memoria fuera de límites por medio de una página HTML diseñada. (Gravedad de seguridad de Chromium: Alta) Multiple vulnerabilities have been found in Chro... • https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop_14.html • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2022-3199 – Chrome blink::LocalFrameView::PerformLayout Use-After-Free
https://notcve.org/view.php?id=CVE-2022-3199
26 Sep 2022 — Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Un uso de memoria previamente liberada en Frames en Google Chrome antes de la versión 105.0.5195.125 permitía a un atacante remoto explotar potencialmente la corrupción de heap a través de una página HTML manipulada. (Gravedad de seguridad de Chromium: Alta) Multiple vulnerabilities have been found in Chromium and its d... • https://packetstorm.news/files/id/170012 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-2998 – Chrome LinkToTextMenuObserver::CompleteWithError Heap Use-After-Free
https://notcve.org/view.php?id=CVE-2022-2998
16 Sep 2022 — Use after free in Browser Creation in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who had convinced a user to engage in a specific UI interaction to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Browser Creation en Google Chrome versiones anteriores a 104.0.5112.101, permitía que un atacante remoto que hubiera convencido a un usuario de participar en una interacción específica de la interfaz de usuario pudiera explotar una corrupci... • https://packetstorm.news/files/id/168401 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-2855 – Gentoo Linux Security Advisory 202208-35
https://notcve.org/view.php?id=CVE-2022-2855
22 Aug 2022 — Use after free in ANGLE in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en ANGLE en Google Chrome versiones anteriores a 104.0.5112.101, permitía a un atacante remoto explotar potencialmente una corrupción de pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versi... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-2861 – Gentoo Linux Security Advisory 202208-35
https://notcve.org/view.php?id=CVE-2022-2861
22 Aug 2022 — Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.101 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts into WebUI via a crafted HTML page. Una implementación inapropiada de Extensions API en Google Chrome versiones anteriores a 104.0.5112.101, permitía a un atacante que convenciera a un usuario de instalar una extensión maliciosa inyectar scripts arbitrarios en la Interfaz de Usuario Web por medio de una página HTML manip... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-2852 – Chrome AccountSelectionBubbleView::OnAccountImageFetched Heap Use-After-Free
https://notcve.org/view.php?id=CVE-2022-2852
22 Aug 2022 — Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en FedCM en Google Chrome versiones anteriores a 104.0.5112.101, permitía a un atacante remoto explotar potencialmente una corrupción de pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versi... • https://packetstorm.news/files/id/169457 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-2858 – Gentoo Linux Security Advisory 202208-35
https://notcve.org/view.php?id=CVE-2022-2858
22 Aug 2022 — Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction. Un uso de memoria previamente liberada en Sign-In Flow en Google Chrome versiones anteriores a 104.0.5112.101, permitía a un atacante remoto explotar potencialmente una corrupción de pila por medio de una interacción específica de la Interfaz de Usuario. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of whic... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2022-2853 – Gentoo Linux Security Advisory 202208-35
https://notcve.org/view.php?id=CVE-2022-2853
22 Aug 2022 — Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento de la memoria intermedia de pila en Downloads en Google Chrome en Android versiones anteriores a 104.0.5112.101, permitía a un atacante remoto que hubiera comprometido el proceso de renderización explotar potencialmente una corrupción de la memoria intermedia por medio de una ... • https://packetstorm.news/files/id/169459 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-2854 – Gentoo Linux Security Advisory 202208-35
https://notcve.org/view.php?id=CVE-2022-2854
22 Aug 2022 — Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en SwiftShader en Google Chrome versiones anteriores a 104.0.5112.101, permitía a un atacante remoto explotar potencialmente una corrupción de pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code exec... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-2859 – Gentoo Linux Security Advisory 202208-35
https://notcve.org/view.php?id=CVE-2022-2859
22 Aug 2022 — Use after free in Chrome OS Shell in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. Un uso de memoria previamente liberada en Chrome OS Shell en Google Chrome versiones anteriores a 104.0.5112.101, permitía que un atacante remoto que convenciera a un usuario de participar en interacciones específicas de la Interfaz de Usuario pudiera explotar la corrupción de la pi... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html • CWE-416: Use After Free •