Page 65 of 2511 results (0.013 seconds)

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0

28 Mar 2022 — Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. Una implementación inapropiada en Full screen mode completa en Google Chrome en Android versiones anteriores a 99.0.4844.51, permitía a un atacante remoto ocultar el contenido de la Omnibox (barra de URL) por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives,... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

28 Mar 2022 — Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. Un uso de memoria previamente liberada en Browser Switcher en Google Chrome versiones anteriores a 99.0.4844.51, permitía que un atacante remoto que convenciera a un usuario de participar en una interacción específica con el usuario explotar potencialmente una corrupción de la pila por medi... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

28 Mar 2022 — Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in screen sharing to potentially leak cross-origin data via a crafted HTML page. Un filtrado de datos en Canvas en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante remoto que convenciera a un usuario de participar en una pantalla compartida filtrar potencialmente datos de origen cruzado por medio de una página HTML diseñada Multiple vulnerabilities have been found in C... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-125: Out-of-bounds Read •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

28 Mar 2022 — Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Una implementación inapropiada de Autofill en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante remoto omitir las restricciones de navegación por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions le... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

28 Mar 2022 — Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions. Un uso de memoria previamente liberada en Chrome OS Shell en Google Chrome en Chrome OS versiones anteriores a 99.0.4844.51, permitía que un atacante remoto que convenciera a un usuario de participar en una serie de interacciones con el usuario explotar potencialmente una co... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

28 Mar 2022 — Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un acceso a la memoria fuera de límites en WebXR en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code exec... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

21 Feb 2022 — Type confusion in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipo en V8 en Google Chrome versiones anteriores a 98.0.4758.80, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 98.... • https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

21 Feb 2022 — Use after free in Thumbnail Tab Strip in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Thumbnail Tab Strip en Google Chrome versiones anteriores a 98.0.4758.80, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the ... • https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html • CWE-416: Use After Free •

CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0

21 Feb 2022 — Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Screen Capture en Google Chrome versiones anteriores a 98.0.4758.80, permitía a un atacante remoto que hubiera comprometido el proceso del renderizador y convencido a un usuario de participar en una interacc... • https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

21 Feb 2022 — Use after free in Window Dialogue in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Window Dialogue en Google Chrome versiones anteriores a 98.0.4758.80, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrar... • https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html • CWE-416: Use After Free •