CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1498 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1498
28 Apr 2022 — Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una implementación inapropiada en HTML Parser en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less tha... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1499 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1499
28 Apr 2022 — Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Una implementación inapropiada de WebAuthentication en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto eludir la política del mismo origen por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-863: Incorrect Authorization •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1500 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1500
28 Apr 2022 — Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy via a crafted HTML page. Una comprobación insuficiente de datos en Dev Tools en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto eludir la política de seguridad de contenidos por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code ex... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1501 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1501
28 Apr 2022 — Inappropriate implementation in iframe in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una implementación inapropiada de iframe en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 5.15.5_p... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 2CVE-2022-0971 – Debian Security Advisory 5104-1
https://notcve.org/view.php?id=CVE-2022-0971
28 Mar 2022 — Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Blink Layout en Google Chrome en Android versiones anteriores a 99.0.4844.74, permitía a un atacante remoto que hubiera comprometido el proceso de renderización explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple v... • https://packetstorm.news/files/id/167005 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 2CVE-2022-0972 – Debian Security Advisory 5104-1
https://notcve.org/view.php?id=CVE-2022-0972
28 Mar 2022 — Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Extensions en Google Chrome versiones anteriores a 99.0.4844.74, permitía a un atacante que convenciera a un usuario de instalar una extensión maliciosa explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities... • https://packetstorm.news/files/id/167179 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0973 – Debian Security Advisory 5104-1
https://notcve.org/view.php?id=CVE-2022-0973
28 Mar 2022 — Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Safe Browsing en Google Chrome versiones anteriores a 99.0.4844.74, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code exe... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0974 – Debian Security Advisory 5104-1
https://notcve.org/view.php?id=CVE-2022-0974
28 Mar 2022 — Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Splitscreen en Google Chrome en Chrome OS versiones anteriores a 99.0.4844.74, permitía que un atacante remoto que convenciera a un usuario de participar en una interacción específica con el usuario explotara potencialmente la corrupción ... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0975 – Debian Security Advisory 5104-1
https://notcve.org/view.php?id=CVE-2022-0975
28 Mar 2022 — Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en ANGLE en Google Chrome versiones anteriores a 99.0.4844.74, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0976 – Debian Security Advisory 5104-1
https://notcve.org/view.php?id=CVE-2022-0976
28 Mar 2022 — Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer en GPU en Google Chrome versiones anteriores a 99.0.4844.74, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less tha... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html • CWE-787: Out-of-bounds Write •