CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0294 – Debian Security Advisory 5054-1
https://notcve.org/view.php?id=CVE-2022-0294
28 Jan 2022 — Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Una implementación inapropiada en Push messaging en Google Chrome versiones anteriores a 97.0.4692.99, permitía a un atacante remoto que hubiera comprometido el proceso de renderización omitir el aislamiento del sitio por medio de una página HTML diseñada Multiple security issues were discovered in Chromium,... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2022-0300 – Debian Security Advisory 5054-1
https://notcve.org/view.php?id=CVE-2022-0300
28 Jan 2022 — Use after free in Text Input Method Editor in Google Chrome on Android prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Text Input Method Editor en Google Chrome en Android versiones anteriores a 97.0.4692.99, permitía que un atacante remoto que convenciera a un usuario de participar en interacciones de usuario específicas explotara potencialme... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 1CVE-2022-0118 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2022-0118
28 Jan 2022 — Inappropriate implementation in WebShare in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page. Una implementación inapropiada de WebShare en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto ocultar potencialmente el contenido de la Omnibox (barra de URL) por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of ... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0302 – Debian Security Advisory 5054-1
https://notcve.org/view.php?id=CVE-2022-0302
28 Jan 2022 — Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Omnibox en Google Chrome versiones anteriores a 97.0.4692.99, permitía a un atacante que convencía a un usuario de participar en interacciones específicas con el usuario explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Mu... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 1CVE-2022-0107 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2022-0107
28 Jan 2022 — Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en File Manager API en Google Chrome en Chrome OS versiones anteriores a 97.0.4692.71, permitía a un atacante que convenciera a un usuario de instalar una extensión maliciosa explotar potencialmente una corrupción de pila por medio de una página HT... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2022-0102 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2022-0102
28 Jan 2022 — Type confusion in V8 in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Una confusión de tipos en V8 en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 1CVE-2022-0112 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2022-0112
28 Jan 2022 — Incorrect security UI in Browser UI in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to display missing URL or incorrect URL via a crafted URL. Una implementación incorrecta de la Interfaz de seguridad en Browser UI en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto mostrar una URL que faltaba o una URL incorrecta por medio de una URL diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial o... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1CVE-2022-0108 – Debian Security Advisory 5397-1
https://notcve.org/view.php?id=CVE-2022-0108
28 Jan 2022 — Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una implementación inapropiada de Navigation en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada Vulnerabilities have been discovered in the WebKitGTK web engine. Luan Herrera discovered that an HTML document may be able to render iframes with sensiti... • http://www.openwall.com/lists/oss-security/2023/04/21/3 • CWE-346: Origin Validation Error •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1CVE-2022-0117 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2022-0117
28 Jan 2022 — Policy bypass in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una omisión de políticas en Blink en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-4099 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2021-4099
28 Jan 2022 — Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Swiftshader en Google Chrome versiones anteriores a 96.0.4664.110, permitía a un atacante remoto explotar potencialmente una corrupción de pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service o... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html • CWE-416: Use After Free •