CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-2478 – Gentoo Linux Security Advisory 202208-35
https://notcve.org/view.php?id=CVE-2022-2478
28 Jul 2022 — Use after free in PDF in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en PDF en Google Chrome versiones anteriores a 103.0.5060.134 permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions ... • https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop_19.html • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-2479 – Gentoo Linux Security Advisory 202208-35
https://notcve.org/view.php?id=CVE-2022-2479
28 Jul 2022 — Insufficient validation of untrusted input in File in Google Chrome on Android prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially sensitive information from internal file directories via a crafted HTML page. Una comprobación insuficiente de entradas no confiables en File en Google Chrome en Android versiones anteriores a 103.0.5060.134, permitía a un atacante que convenciera a un usuario de instalar una aplicación maliciosa obtener información p... • https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop_19.html • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 12%CPEs: 1EXPL: 1CVE-2022-2480 – Gentoo Linux Security Advisory 202208-35
https://notcve.org/view.php?id=CVE-2022-2480
28 Jul 2022 — Use after free in Service Worker API in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Service Worker API en Google Chrome versiones anteriores a 103.0.5060.134, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Chrome suffers from a heap use-after-free vulnerability in content::ServiceWorkerVersion::MaybeTimeoutRequest.... • https://packetstorm.news/files/id/168115 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-2481 – Gentoo Linux Security Advisory 202208-35
https://notcve.org/view.php?id=CVE-2022-2481
28 Jul 2022 — Use after free in Views in Google Chrome prior to 103.0.5060.134 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via UI interaction. Un uso de memoria previamente liberada en Views en Google Chrome versiones anteriores a 103.0.5060.134, permitía a un atacante remoto que convencía a un usuario de participar en interacciones de usuario específicas explotar potencialmente la corrupción de la pila por medio de una interacción de la In... • https://chromereleases.googleblog.com/2022/07/stable-channel-update-for-desktop_19.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 2%CPEs: 31EXPL: 0CVE-2022-2294 – WebRTC Heap Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2022-2294
22 Jul 2022 — Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en WebRTC en Google Chrome versiones anteriores a 103.0.5060.114, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malic... • http://www.openwall.com/lists/oss-security/2022/07/28/2 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-2162 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-2162
28 Jun 2022 — Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 103.0.5060.53 allowed a remote attacker to bypass file system access via a crafted HTML page. La aplicación insuficiente de políticas en la API del sistema de archivos de Google Chrome en Windows versiones anteriores a 103.0.5060.53, permitía a un atacante remoto omitir el acceso al sistema de archivos por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the wors... • https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop_21.html •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-2164 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-2164
28 Jun 2022 — Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted HTML page. Una implementación inapropiada en Extensions API en Google Chrome versiones anteriores a 103.0.5060.53, permitía a un atacante que convenciera a un usuario de instalar una extensión maliciosa omitir el control de acceso discrecional por medio de una página HTML diseñada Multiple vulnera... • https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop_21.html •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 1CVE-2022-2010 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-2010
28 Jun 2022 — Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Una lectura fuera de límites en compositing Google Chrome versiones anteriores a 102.0.5005.115, permitía a un atacante remoto que hubiera comprometido el proceso de renderización llevar a cabo un escape del sandbox por medio de una página HTML diseñada The code in cc::PaintImageReader::Read (cc::PaintIm... • https://packetstorm.news/files/id/167719 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-2007 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-2007
28 Jun 2022 — Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en WebGPU en Google Chrome versiones anteriores a 102.0.5005.115, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Ve... • https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-2008 – Debian Security Advisory 5163-1
https://notcve.org/view.php?id=CVE-2022-2008
28 Jun 2022 — Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una doble liberación en WebGL en Google Chrome versiones anteriores a 102.0.5005.115, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop.html • CWE-415: Double Free •