Page 68 of 3188 results (0.014 seconds)

CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0

21 Feb 2022 — Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page. Una implementación inapropiada de Extensions Platform en Google Chrome versiones anteriores a 98.0.4758.80, permitía que un atacante que convenciera a un usuario de instalar una extensión maliciosa potencialmente llevar a cabo un filtrado de sandbox por medio de una página HTML dis... • https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

21 Feb 2022 — Use after free in Reader Mode in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Reader Mode de Google Chrome versiones anteriores a 98.0.4758.80, permitía a un atacante remoto que hubiera comprometido el proceso de renderización explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have bee... • https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html • CWE-416: Use After Free •

CVSS: 8.8EPSS: 2%CPEs: 1EXPL: 0

21 Feb 2022 — Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Animation en Google Chrome versiones anteriores a 98.0.4758.102, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary executio... • https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html • CWE-416: Use After Free •

CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 1

28 Jan 2022 — Heap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via specific user gesture. Un desbordamiento del búfer de la pila en Bookmarks en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto que convenciera a un usuario de llevar a cabo un gesto específico, explotar la corrupción de la pila por medio de un gesto específico del usuario Multiple se... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

28 Jan 2022 — Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en Task Manager en Google Chrome versiones anteriores a 97.0.4692.99, permitía a un atacante remoto que convenciera a un usuario de participar en una interacción específica con el usuario explotar potencialmente una corrupción de la pila por medio... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

28 Jan 2022 — Heap buffer overflow in ANGLE in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en ANGLE en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto explotar potencialmente una corrupción de pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or inform... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0

28 Jan 2022 — Use after free in Vulkan in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Vulkan en Google Chrome versiones anteriores a 97.0.4692.99, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or informa... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

28 Jan 2022 — Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en PDFium en Google Chrome versiones anteriores a 97.0.4692.99, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or i... • https://packetstorm.news/files/id/166367 • CWE-787: Out-of-bounds Write •

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 1

28 Jan 2022 — Incorrect security UI in Browser UI in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to display missing URL or incorrect URL via a crafted URL. Una implementación incorrecta de la Interfaz de seguridad en Browser UI en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto mostrar una URL que faltaba o una URL incorrecta por medio de una URL diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial o... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1

28 Jan 2022 — Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to incorrectly set origin via a crafted HTML page. Una implementación inapropiada en Navigation en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto establecer incorrectamente el origen por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclos... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html • CWE-346: Origin Validation Error •