CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2022-1483 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1483
28 Apr 2022 — Heap buffer overflow in WebGPU in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de WebGPU de Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto que hubiera comprometido el proceso de renderización explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Ch... • https://packetstorm.news/files/id/167515 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1484 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1484
28 Apr 2022 — Heap buffer overflow in Web UI Settings in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en Web UI Settings en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in re... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1494 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1494
28 Apr 2022 — Insufficient data validation in Trusted Types in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass trusted types policy via a crafted HTML page. Una comprobación insuficiente de datos en Trusted Types en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto eludir la política de tipos de confianza por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code ex... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1500 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-1500
28 Apr 2022 — Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy via a crafted HTML page. Una comprobación insuficiente de datos en Dev Tools en Google Chrome versiones anteriores a 101.0.4951.41, permitía a un atacante remoto eludir la política de seguridad de contenidos por medio de una página HTML diseñada. Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code ex... • https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0789 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0789
28 Mar 2022 — Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en ANGLE en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. V... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-0793 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0793
28 Mar 2022 — Use after free in Cast in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted Chrome Extension. Un uso de memoria previamente liberada en Cast en Google Chrome versiones anteriores a 99.0.4844.51, permitía que un atacante que convenciera a un usuario de instalar una extensión maliciosa y participar en una interacción específica con el usuario explotar potenci... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0795 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0795
28 Mar 2022 — Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipo en Blink Layout en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions l... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-0796 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0796
28 Mar 2022 — Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Media en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Version... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-0797 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0797
28 Mar 2022 — Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Un acceso a memoria fuera de límites en Mojo en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante remoto llevar a cabo una escritura en memoria fuera de límites por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code e... • https://packetstorm.news/files/id/166557 • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0801 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0801
28 Mar 2022 — Inappropriate implementation in HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass XSS preventions via a crafted HTML page. (Chrome security severity: Medium) Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 5.15.5_p20220618>= are affected. • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •