Page 71 of 2459 results (0.006 seconds)

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 1

28 Jan 2022 — Policy bypass in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Una omisión de políticas en Blink en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto filtrar datos de origen cruzado por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html • CWE-863: Incorrect Authorization •

CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 1

28 Jan 2022 — Heap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via specific user gesture. Un desbordamiento del búfer de la pila en Bookmarks en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto que convenciera a un usuario de llevar a cabo un gesto específico, explotar la corrupción de la pila por medio de un gesto específico del usuario Multiple se... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

28 Jan 2022 — Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en Task Manager en Google Chrome versiones anteriores a 97.0.4692.99, permitía a un atacante remoto que convenciera a un usuario de participar en una interacción específica con el usuario explotar potencialmente una corrupción de la pila por medio... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

28 Jan 2022 — Heap buffer overflow in ANGLE in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en ANGLE en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto explotar potencialmente una corrupción de pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or inform... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0

28 Jan 2022 — Use after free in Vulkan in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Vulkan en Google Chrome versiones anteriores a 97.0.4692.99, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or informa... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html • CWE-416: Use After Free •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

28 Jan 2022 — Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en PDFium en Google Chrome versiones anteriores a 97.0.4692.99, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or i... • https://packetstorm.news/files/id/166367 • CWE-787: Out-of-bounds Write •

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 1

28 Jan 2022 — Incorrect security UI in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Una implementación incorrecta de la Interfaz de seguridad en Autofill en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto falsificar el contenido de la Omnibox (barra de URL) por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arb... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

28 Jan 2022 — Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Una implementación inapropiada en Push messaging en Google Chrome versiones anteriores a 97.0.4692.99, permitía a un atacante remoto que hubiera comprometido el proceso de renderización omitir el aislamiento del sitio por medio de una página HTML diseñada Multiple security issues were discovered in Chromium,... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html •

CVSS: 8.8EPSS: 2%CPEs: 1EXPL: 0

28 Jan 2022 — Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en V8 en Google Chrome versiones anteriores a 96.0.4664.110, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information d... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop_13.html • CWE-416: Use After Free •

CVSS: 8.8EPSS: 1%CPEs: 1EXPL: 0

28 Jan 2022 — Use after free in Scheduling in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Scheduling en Google Chrome versiones anteriores a 97.0.4692.99, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html • CWE-416: Use After Free •