CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1499 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1499
28 Apr 2022 — Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Una implementación inapropiada de WebAuthentication en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto eludir la política del mismo origen por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-863: Incorrect Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1305 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1305
28 Apr 2022 — Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en storage en Google Chrome versiones anteriores a 100.0.4896.88, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Ve... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_11.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 1CVE-2022-1484 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1484
28 Apr 2022 — Heap buffer overflow in Web UI Settings in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en Web UI Settings en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in re... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1489 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1489
28 Apr 2022 — Out of bounds memory access in UI Shelf in Google Chrome on Chrome OS, Lacros prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific user interactions. Un acceso a la memoria fuera de límites en UI Shelf en Google Chrome en Chrome OS, Lacros versiones anteriores a 101.0.4951.41, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de interacciones de usuario específicas. Multiple vulnerabilities have been found in Chromium and... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1492 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1492
28 Apr 2022 — Insufficient data validation in Blink Editing in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page. Una comprobación insuficiente de datos en Blink Editing en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto inyectar scripts o HTML arbitrarios por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code ex... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1310 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1310
28 Apr 2022 — Use after free in regular expressions in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en regular expressions en Google Chrome versiones anteriores a 100.0.4896.88, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in r... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_11.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1496 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1496
28 Apr 2022 — Use after free in File Manager in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. Un uso de memoria previamente liberada en File Manager en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una interacción específica y directa con el usuario. Multiple vulnerabilities have been found in Chromium and its derivatives, the w... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1485 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1485
28 Apr 2022 — Use after free in File System API in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en File System API en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote c... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 2CVE-2022-1483 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1483
28 Apr 2022 — Heap buffer overflow in WebGPU in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de WebGPU de Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto que hubiera comprometido el proceso de renderización explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Ch... • https://packetstorm.news/files/id/167515 • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 1CVE-2022-1495 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1495
28 Apr 2022 — Incorrect security UI in Downloads in Google Chrome on Android prior to 101.0.4951.41 allowed a remote attacker to spoof the APK downloads dialog via a crafted HTML page. Una Interfaz de Seguridad incorrecta en Downloads en Google Chrome en Android versiones anteriores a 101.0.4951.41, permitía a un atacante remoto falsificar el diálogo de descargas de APK por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remot... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-290: Authentication Bypass by Spoofing •