Page 65 of 3216 results (0.015 seconds)

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

28 Mar 2022 — Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file. Una aplicación insuficiente de políticas en Installer de Google Chrome en Windows versiones anteriores a 99.0.4844.51, permitía a un atacante remoto llevar a cabo una escalada de privilegios local por medio de un archivo de instalación sin conexión diseñado Multiple vulnerabilities have been found in Chromium and ... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 1

28 Mar 2022 — Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Un acceso a memoria fuera de límites en Mojo en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante remoto llevar a cabo una escritura en memoria fuera de límites por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code e... • https://packetstorm.news/files/id/166557 • CWE-787: Out-of-bounds Write •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1

28 Mar 2022 — Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en ANGLE en Google Chrome versiones anteriores a 99.0.4844.74, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html • CWE-416: Use After Free •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1

28 Mar 2022 — Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions. Un uso de memoria previamente liberada en la Página New Tab en Google Chrome versiones anteriores a 99.0.4844.74, permitía a un atacante que convenciera a un usuario de instalar una extensión maliciosa explotar potencialmente la corrupción de la pila por medio de interacciones específicas del usu... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html • CWE-416: Use After Free •

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1

28 Mar 2022 — Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Splitscreen en Google Chrome en Chrome OS versiones anteriores a 99.0.4844.74, permitía que un atacante remoto que convenciera a un usuario de participar en una interacción específica con el usuario explotara potencialmente la corrupción ... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html • CWE-416: Use After Free •

CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 2

28 Mar 2022 — Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipo en V8 en Google Chrome versiones anteriores a 99.0.4844.84, permitía a un atacante remoto explotar potencialmente la corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions less than 5.15.5_p2022... • https://packetstorm.news/files/id/167516 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

21 Feb 2022 — Policy bypass in COOP in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to bypass iframe sandbox via a crafted HTML page. Una omisión de políticas en COOP en Google Chrome versiones anteriores a 98.0.4758.80, permitía a un atacante remoto omitir el sandbox de iframe por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 98.0.4758.102 are affected. • https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

21 Feb 2022 — Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. Un uso de memoria previamente liberada en Accessibility en Google Chrome versiones anteriores a 98.0.4758.80, permitía a un atacante remoto que convenciera a un usuario de participar en una interacción específica con el usuario explotar potencialmente una corrupción de la pila por medio de una... • https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

21 Feb 2022 — Integer overflow in Mojo in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento de enteros en Mojo en Google Chrome versiones anteriores a 98.0.4758.102, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Version... • https://packetstorm.news/files/id/166340 • CWE-190: Integer Overflow or Wraparound •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

21 Feb 2022 — Out of bounds memory access in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un acceso a la memoria fuera de límites en V8 en Google Chrome versiones anteriores a 98.0.4758.80, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution ... • https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •