CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-0805 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0805
28 Mar 2022 — Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. Un uso de memoria previamente liberada en Browser Switcher en Google Chrome versiones anteriores a 99.0.4844.51, permitía que un atacante remoto que convenciera a un usuario de participar en una interacción específica con el usuario explotar potencialmente una corrupción de la pila por medi... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-0806 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0806
28 Mar 2022 — Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in screen sharing to potentially leak cross-origin data via a crafted HTML page. Un filtrado de datos en Canvas en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante remoto que convenciera a un usuario de participar en una pantalla compartida filtrar potencialmente datos de origen cruzado por medio de una página HTML diseñada Multiple vulnerabilities have been found in C... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2022-0807 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0807
28 Mar 2022 — Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Una implementación inapropiada de Autofill en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante remoto omitir las restricciones de navegación por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Versions le... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0809 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2022-0809
28 Mar 2022 — Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un acceso a la memoria fuera de límites en WebXR en Google Chrome versiones anteriores a 99.0.4844.51, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code exec... • https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0604 – Debian Security Advisory 5079-1
https://notcve.org/view.php?id=CVE-2022-0604
21 Feb 2022 — Heap buffer overflow in Tab Groups in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en Tab Groups de Google Chrome versiones anteriores a 98.0.4758.102, permitía que un atacante que convenciera a un usuario de instalar una extensión maliciosa y participar en una interacción específica con el usuario exp... • https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0605 – Debian Security Advisory 5079-1
https://notcve.org/view.php?id=CVE-2022-0605
21 Feb 2022 — Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Webstore API en Google Chrome versiones anteriores a 98.0.4758.102, permitía a un atacante que convenciera a un usuario de instalar una extensión maliciosa y lo convenciera de participar en una interacc... • https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0606 – Debian Security Advisory 5079-1
https://notcve.org/view.php?id=CVE-2022-0606
21 Feb 2022 — Use after free in ANGLE in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en ANGLE en Google Chrome versiones anteriores a 98.0.4758.102, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of cod... • https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html • CWE-416: Use After Free •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0452 – Debian Security Advisory 5068-1
https://notcve.org/view.php?id=CVE-2022-0452
21 Feb 2022 — Use after free in Safe Browsing in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Un uso de memoria previamente liberada en Safe Browsing en Google Chrome versiones anteriores a 98.0.4758.80, permitía a un atacante remoto llevar a cabo un filtrado de sandbox por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of c... • https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0466 – Debian Security Advisory 5068-1
https://notcve.org/view.php?id=CVE-2022-0466
21 Feb 2022 — Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page. Una implementación inapropiada de Extensions Platform en Google Chrome versiones anteriores a 98.0.4758.80, permitía que un atacante que convenciera a un usuario de instalar una extensión maliciosa potencialmente llevar a cabo un filtrado de sandbox por medio de una página HTML dis... • https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0453 – Debian Security Advisory 5068-1
https://notcve.org/view.php?id=CVE-2022-0453
21 Feb 2022 — Use after free in Reader Mode in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Reader Mode de Google Chrome versiones anteriores a 98.0.4758.80, permitía a un atacante remoto que hubiera comprometido el proceso de renderización explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have bee... • https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html • CWE-416: Use After Free •