CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0794 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0794
28 Mar 2022 — Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en WebShare en Google Chrome versiones anteriores a 99.0.4844.51, permitía que un atacante remoto que convenciera a un usuario de participar en una interacción específica con el usuario explotar potencialmente una corrupción de la pila por medio de una pági... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0795 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0795
28 Mar 2022 — Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipo en Blink Layout en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions l... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-0796 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0796
28 Mar 2022 — Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Media en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Version... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1CVE-2022-0797 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0797
28 Mar 2022 — Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Un acceso a memoria fuera de límites en Mojo en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante remoto llevar a cabo una escritura en memoria fuera de límites por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code e... • https://packetstorm.news/files/id/166557 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-0798 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0798
28 Mar 2022 — Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Un uso de memoria previamente liberada en MediaStream en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante que convenciera a un usuario de instalar una extensión maliciosa explotar potencialmente una corrupción de la pila por medio de una extensión de Chrome diseñada Multip... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-0799 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0799
28 Mar 2022 — Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file. Una aplicación insuficiente de políticas en Installer de Google Chrome en Windows versiones anteriores a 99.0.4844.51, permitía a un atacante remoto llevar a cabo una escalada de privilegios local por medio de un archivo de instalación sin conexión diseñado Multiple vulnerabilities have been found in Chromium and ... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0800 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0800
28 Mar 2022 — Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en Cast UI en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante remoto que convenciera a un usuario de realizar una interacción específica con él, explotar potencialmente una corrupción de la pila por medio de una página HTML ma... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0801 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0801
28 Mar 2022 — Inappropriate implementation in HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass XSS preventions via a crafted HTML page. (Chrome security severity: Medium) Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 5.15.5_p20220618>= are affected. • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2022-0802 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0802
28 Mar 2022 — Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. Una implementación inapropiada de Full screen mode en Google Chrome en Android versiones anteriores a 99.0.4844.51, permitía a un atacante remoto ocultar el contenido de la Omnibox (barra de URL) por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the wors... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-0803 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0803
28 Mar 2022 — Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page. Una implementación inapropiada en Permissions en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante remoto manipular el contenido de la Omnibox (barra de URL) por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html •