CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1130 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1130
28 Apr 2022 — Insufficient validation of trust input in WebOTP in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to send arbitrary intents from any app via a malicious app. Una comprobación insuficiente de la entrada confiable en WebOTP en Google Chrome en Android versiones anteriores a 100.0.4896.60, permitía a un atacante remoto enviar intenciones arbitrarias desde cualquier aplicación por medio de una aplicación maliciosa Multiple vulnerabilities have been found in Chromium and its derivativ... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1308 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1308
28 Apr 2022 — Use after free in BFCache in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en BFCache en Google Chrome versiones anteriores a 100.0.4896.88, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Ve... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_11.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1311 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1311
28 Apr 2022 — Use after free in shell in Google Chrome on ChromeOS prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en shell en Google Chrome en ChromeOS versiones anteriores a 100.0.4896.88, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remot... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_11.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1486 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1486
28 Apr 2022 — Type confusion in V8 in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Una confusión de tipo en V8 en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto conseguir información potencialmente confidencial de la memoria del proceso por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1477 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1477
28 Apr 2022 — Use after free in Vulkan in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Vulkan en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Ver... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1146 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1146
28 Apr 2022 — Inappropriate implementation in Resource Timing in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una implementación inapropiada en Resource Timing en Google Chrome versiones anteriores a 100.0.4896.60, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions l... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html • CWE-203: Observable Discrepancy •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1494 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1494
28 Apr 2022 — Insufficient data validation in Trusted Types in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass trusted types policy via a crafted HTML page. Una comprobación insuficiente de datos en Trusted Types en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto eludir la política de tipos de confianza por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code ex... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1501 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1501
28 Apr 2022 — Inappropriate implementation in iframe in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una implementación inapropiada de iframe en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 5.15.5_p... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1482 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1482
28 Apr 2022 — Inappropriate implementation in WebGL in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una implementación inapropiada de WebGL en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution.... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1481 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1481
28 Apr 2022 — Use after free in Sharing in Google Chrome on Mac prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Sharing en Google Chrome en Mac versiones anteriores a 101.0.4951.41, permitía que un atacante remoto que convenciera a un usuario de participar en una interacción específica con el usuario explotara potencialmente la corrupción de la pila por med... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-416: Use After Free •