CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 1CVE-2022-2010 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-2010
28 Jun 2022 — Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Una lectura fuera de límites en compositing Google Chrome versiones anteriores a 102.0.5005.115, permitía a un atacante remoto que hubiera comprometido el proceso de renderización llevar a cabo un escape del sandbox por medio de una página HTML diseñada The code in cc::PaintImageReader::Read (cc::PaintIm... • https://packetstorm.news/files/id/167719 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2022-2156 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-2156
28 Jun 2022 — Use after free in Core in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Core en Google Chrome versiones anteriores a 103.0.5060.53, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions... • https://packetstorm.news/files/id/167784 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-2007 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-2007
28 Jun 2022 — Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en WebGPU en Google Chrome versiones anteriores a 102.0.5005.115, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Ve... • https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2022-2157 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-2157
28 Jun 2022 — Use after free in Interest groups in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Interest groups en Google Chrome versiones anteriores a 103.0.5060.53 permitía a un atacante remoto que hubiera comprometido el proceso de renderización explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities ... • https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop_21.html • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-2160 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-2160
28 Jun 2022 — Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a crafted HTML page. Una aplicación insuficiente de políticas en DevTools en Google Chrome en Windows versiones anteriores a 103.0.5060.53, permitía que un atacante que convenciera a un usuario de instalar una extensión maliciosa obtuviera información potencialmente co... • https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop_21.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-2008 – Debian Security Advisory 5163-1
https://notcve.org/view.php?id=CVE-2022-2008
28 Jun 2022 — Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una doble liberación en WebGL en Google Chrome versiones anteriores a 102.0.5005.115, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop.html • CWE-415: Double Free •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-2162 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-2162
28 Jun 2022 — Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 103.0.5060.53 allowed a remote attacker to bypass file system access via a crafted HTML page. La aplicación insuficiente de políticas en la API del sistema de archivos de Google Chrome en Windows versiones anteriores a 103.0.5060.53, permitía a un atacante remoto omitir el acceso al sistema de archivos por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the wors... • https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop_21.html •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-2165 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-2165
28 Jun 2022 — Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. Una comprobación insuficiente de datos en URL formatting en Google Chrome versiones anteriores a 103.0.5060.53, permitía a un atacante remoto llevar a cabo una suplantación de dominio mediante homógrafos de IDN por medio de un nombre de dominio diseñado Multiple vulnerabilities have been found in Chromium and its derivatives... • https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop_21.html •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1919 – Gentoo Linux Security Advisory 202208-08
https://notcve.org/view.php?id=CVE-2022-1919
19 Jun 2022 — Use after free in Codecs in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Codecs en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could ... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2022-1633 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1633
28 May 2022 — Use after free in Sharesheet in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interactions. Un uso de memoria previamente liberada en Sharesheet en Google Chrome en Chrome OS versiones anteriores a 101.0.4951.64, permitía a un atacante remoto que había convencido a un usuario de participar en interacciones de UI específicas para explotar potencialmente la corrupci... • https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_10.html • CWE-416: Use After Free •