CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1129 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1129
28 Apr 2022 — Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Una implementación inapropiada en el modo de pantalla completa en Google Chrome en Android versiones anteriores a 100.0.4896.60 permitía a un atacante remoto falsificar el contenido de la Omnibox (barra de URL) por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its deri... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html • CWE-290: Authentication Bypass by Spoofing •
CVSS: 8.1EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1130 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1130
28 Apr 2022 — Insufficient validation of trust input in WebOTP in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to send arbitrary intents from any app via a malicious app. Una comprobación insuficiente de la entrada confiable en WebOTP en Google Chrome en Android versiones anteriores a 100.0.4896.60, permitía a un atacante remoto enviar intenciones arbitrarias desde cualquier aplicación por medio de una aplicación maliciosa Multiple vulnerabilities have been found in Chromium and its derivativ... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1131 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1131
28 Apr 2022 — Use after free in Cast UI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un Uso de memoria previamente liberada en Cast UI en Google Chrome versiones anteriores a 100.0.4896.60, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Ve... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1133 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1133
28 Apr 2022 — Use after free in WebRTC Perf in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un Uso de memoria previamente liberada en WebRTC Perf en Google Chrome versiones anteriores a 100.0.4896.60, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execu... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1135 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1135
28 Apr 2022 — Use after free in Shopping Cart in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via standard feature user interaction. Un Uso de memoria previamente liberada en Shopping Cart en Google Chrome versiones anteriores a 100.0.4896.60, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de la interacción del usuario con una función estándar Multiple vulnerabilities have been found in Chromium and its derivatives, the wor... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1136 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1136
28 Apr 2022 — Use after free in Tab Strip in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific set of user gestures. Un Uso de memoria previamente liberada en Tab Strip en Google Chrome versiones anteriores a 100.0.4896.60, permitía a un atacante que convencía a un usuario de instalar una extensión maliciosa explotar potencialmente la corrupción de la pila por medio de un conjunto específico de gestos del usua... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html • CWE-416: Use After Free •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1137 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1137
28 Apr 2022 — Inappropriate implementation in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to leak potentially sensitive information via a crafted HTML page. Una implementación inapropiada en Extensions en Google Chrome versiones anteriores a 100.0.4896.60, permitía a un atacante que convenciera a un usuario de instalar una extensión maliciosa filtrar información potencialmente sensible por medio de una página HTML diseñada Multiple vulnerabi... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1138 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1138
28 Apr 2022 — Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox (URL bar) via a crafted HTML page. Una implementación inapropiada de Web Cursor en Google Chrome versiones anteriores a 100.0.4896.60, permitía a un atacante remoto que hubiera comprometido el proceso de renderización ocultar el contenido de la Omnibox (barra de URL) por medio de una página HTML diseñada Multiple vulnerab... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1139 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1139
28 Apr 2022 — Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una implementación inapropiada de Background Fetch API en Google Chrome versiones anteriores a 100.0.4896.60, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. ... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html • CWE-203: Observable Discrepancy •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1141 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1141
28 Apr 2022 — Use after free in File Manager in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user gesture. Un Uso de memoria previamente liberada en File Manager en Google Chrome versiones anteriores a 100.0.4896.60, permitió que un atacante remoto que convenció a un usuario para participar en la interacción de usuario específico para explotar potencialmente la corrupción de la pila por medio ... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_29.html • CWE-416: Use After Free •