Page 63 of 3216 results (0.023 seconds)

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0

28 Mar 2022 — Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. Una implementación inapropiada de Full screen mode en Google Chrome en Android versiones anteriores a 99.0.4844.51, permitía a un atacante remoto ocultar el contenido de la Omnibox (barra de URL) por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the wors... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

28 Mar 2022 — Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer en GPU en Google Chrome versiones anteriores a 99.0.4844.74, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less tha... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

28 Mar 2022 — Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions. Un uso de memoria previamente liberada en Omnibox en Google Chrome versiones anteriores a 99.0.4844.51, permitía que un atacante remoto que convenciera a un usuario de participar en interacciones de usuario específicas explotar potencialmente una corrupción de la pila por medio de unas interaccion... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-416: Use After Free •

CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 2

28 Mar 2022 — Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Blink Layout en Google Chrome en Android versiones anteriores a 99.0.4844.74, permitía a un atacante remoto que hubiera comprometido el proceso de renderización explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple v... • https://packetstorm.news/files/id/167005 • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

28 Mar 2022 — Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipo en Blink Layout en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions l... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

28 Mar 2022 — Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Un uso de memoria previamente liberada en MediaStream en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante que convenciera a un usuario de instalar una extensión maliciosa explotar potencialmente una corrupción de la pila por medio de una extensión de Chrome diseñada Multip... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-416: Use After Free •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

28 Mar 2022 — Inappropriate implementation in HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass XSS preventions via a crafted HTML page. (Chrome security severity: Medium) Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 5.15.5_p20220618>= are affected. • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

28 Mar 2022 — Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Una implementación inapropiada de Autofill en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante remoto omitir las restricciones de navegación por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions le... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1

28 Mar 2022 — Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Safe Browsing en Google Chrome versiones anteriores a 99.0.4844.74, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code exe... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

28 Mar 2022 — Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions. Un uso de memoria previamente liberada en Chrome OS Shell en Google Chrome en Chrome OS versiones anteriores a 99.0.4844.51, permitía que un atacante remoto que convenciera a un usuario de participar en una serie de interacciones con el usuario explotar potencialmente una co... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-416: Use After Free •