CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-2608 – Gentoo Linux Security Advisory 202208-35
https://notcve.org/view.php?id=CVE-2022-2608
12 Aug 2022 — Use after free in Overview Mode in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. Un uso de la memoria previamente liberada en Overview Mode en Google Chrome en Chrome OS versiones anteriores a 104.0.5112.79, permitía a un atacante remoto que convencía a un usuario de participar en interacciones de usuario específicas para explotar potencialmente la c... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-2607 – Gentoo Linux Security Advisory 202208-35
https://notcve.org/view.php?id=CVE-2022-2607
12 Aug 2022 — Use after free in Tab Strip in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. Un uso de la memoria previamente liberada en Tab Strip en Google Chrome en Chrome OS versiones anteriores a 104.0.5112.79, permitía a un atacante remoto que convencía a un usuario de participar en interacciones de usuario específicas para explotar potencialmente la corrupció... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2022-2587
https://notcve.org/view.php?id=CVE-2022-2587
12 Aug 2022 — Out of bounds write in Chrome OS Audio Server in Google Chrome on Chrome OS prior to 102.0.5005.125 allowed a remote attacker to potentially exploit heap corruption via crafted audio metadata. Una escritura fuera de límites en Chrome OS Audio Server en Google Chrome en Chrome OS versiones anteriores a 102.0.5005.125 permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de metadatos de audio diseñados. • https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-chromeos.html • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2022-2296 – Gentoo Linux Security Advisory 202208-35
https://notcve.org/view.php?id=CVE-2022-2296
28 Jul 2022 — Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions. Un uso de memoria previamente liberada en Chrome OS Shell en Google Chrome en Chrome OS versiones anteriores a 103.0.5060.114, permitía que un atacante remoto que convenciera a un usuario de realizar interacciones específicas con el usuario explotara potencialmente la c... • https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 1%CPEs: 31EXPL: 0CVE-2022-2294 – WebRTC Heap Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2022-2294
22 Jul 2022 — Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en WebRTC en Google Chrome versiones anteriores a 103.0.5060.114, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malic... • http://www.openwall.com/lists/oss-security/2022/07/28/2 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-1633 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1633
28 May 2022 — Use after free in Sharesheet in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interactions. Un uso de memoria previamente liberada en Sharesheet en Google Chrome en Chrome OS versiones anteriores a 101.0.4951.64, permitía a un atacante remoto que había convencido a un usuario de participar en interacciones de UI específicas para explotar potencialmente la corrupci... • https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_10.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1641 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1641
28 May 2022 — Use after free in Web UI Diagnostics in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interaction. Un uso de memoria previamente liberada en Web UI Diagnostics en Google Chrome en Chrome OS versiones anteriores a 101.0.4951.64 permitió que un atacante remoto que convenció a un usuario para participar en las interacciones específicas de la interfaz de usuario para ... • https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_10.html • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1132 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1132
28 Apr 2022 — Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions via physical access to the device. Una implementación inapropiada en Virtual Keyboard en Google Chrome en Chrome OS versiones anteriores a 100.0.4896.60, permitía a un atacante local omitir las restricciones de navegación por medio del acceso físico al dispositivo Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html • CWE-863: Incorrect Authorization •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1311 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1311
28 Apr 2022 — Use after free in shell in Google Chrome on ChromeOS prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en shell en Google Chrome en ChromeOS versiones anteriores a 100.0.4896.88, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remot... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_11.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1489 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1489
28 Apr 2022 — Out of bounds memory access in UI Shelf in Google Chrome on Chrome OS, Lacros prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific user interactions. Un acceso a la memoria fuera de límites en UI Shelf en Google Chrome en Chrome OS, Lacros versiones anteriores a 101.0.4951.41, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de interacciones de usuario específicas. Multiple vulnerabilities have been found in Chromium and... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-787: Out-of-bounds Write •