CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 1CVE-2022-2010 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-2010
28 Jun 2022 — Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Una lectura fuera de límites en compositing Google Chrome versiones anteriores a 102.0.5005.115, permitía a un atacante remoto que hubiera comprometido el proceso de renderización llevar a cabo un escape del sandbox por medio de una página HTML diseñada The code in cc::PaintImageReader::Read (cc::PaintIm... • https://packetstorm.news/files/id/167719 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-2162 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-2162
28 Jun 2022 — Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 103.0.5060.53 allowed a remote attacker to bypass file system access via a crafted HTML page. La aplicación insuficiente de políticas en la API del sistema de archivos de Google Chrome en Windows versiones anteriores a 103.0.5060.53, permitía a un atacante remoto omitir el acceso al sistema de archivos por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the wors... • https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop_21.html •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-2158 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-2158
28 Jun 2022 — Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipo en V8 en Google Chrome versiones anteriores a 103.0.5060.53, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 5.15.5_p20... • https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop_21.html • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-2164 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-2164
28 Jun 2022 — Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted HTML page. Una implementación inapropiada en Extensions API en Google Chrome versiones anteriores a 103.0.5060.53, permitía a un atacante que convenciera a un usuario de instalar una extensión maliciosa omitir el control de acceso discrecional por medio de una página HTML diseñada Multiple vulnera... • https://chromereleases.googleblog.com/2022/06/stable-channel-update-for-desktop_21.html •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1919 – Gentoo Linux Security Advisory 202208-08
https://notcve.org/view.php?id=CVE-2022-1919
19 Jun 2022 — Use after free in Codecs in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Codecs en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could ... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1641 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1641
28 May 2022 — Use after free in Web UI Diagnostics in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interaction. Un uso de memoria previamente liberada en Web UI Diagnostics en Google Chrome en Chrome OS versiones anteriores a 101.0.4951.64 permitió que un atacante remoto que convenció a un usuario para participar en las interacciones específicas de la interfaz de usuario para ... • https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_10.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1874 – Debian Security Advisory 5148-1
https://notcve.org/view.php?id=CVE-2022-1874
28 May 2022 — Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page. Una aplicación insuficiente de la política en Safe Browsing en Google Chrome en Mac versiones anteriores a 102.0.5005.61, permitía a un atacante remoto omitir la política de protección de descargas por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of whic... • https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_24.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1638 – Debian Security Advisory 5134-1
https://notcve.org/view.php?id=CVE-2022-1638
28 May 2022 — Heap buffer overflow in V8 Internationalization in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de pila en V8 Internationalization en Google Chrome versiones anteriores a 101.0.4951.64, permitía a un atacante remoto explotar potencialmente la corrupción de la memoria intermedia por medio de una página HTML diseñada. Multiple security issues were discovered in Chromium, which could result in the exec... • https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_10.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1876 – Debian Security Advisory 5148-1
https://notcve.org/view.php?id=CVE-2022-1876
28 May 2022 — Heap buffer overflow in DevTools in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en DevTools en Google Chrome versiones anteriores a 102.0.5005.61, permitía a un atacante que convenciera a un usuario de instalar una extensión maliciosa explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabil... • https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_24.html • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1873 – Debian Security Advisory 5148-1
https://notcve.org/view.php?id=CVE-2022-1873
28 May 2022 — Insufficient policy enforcement in COOP in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una aplicación insuficiente de la política en COOP en Google Chrome versiones anteriores a 102.0.5005.61, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less tha... • https://chromereleases.googleblog.com/2022/05/stable-channel-update-for-desktop_24.html • CWE-668: Exposure of Resource to Wrong Sphere •