CVSS: 8.8EPSS: 9%CPEs: 1EXPL: 1CVE-2022-0289 – Debian Security Advisory 5054-1
https://notcve.org/view.php?id=CVE-2022-0289
28 Jan 2022 — Use after free in Safe browsing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Safe browsing en Google Chrome versiones anteriores a 97.0.4692.99, permitía a un atacante remoto explotar potencialmente una corrupción de pila por medio de una página HTML diseñada Chrome suffers from a heap use-after-free vulnerability in safe_browsing::ThreatDetails::OnReceivedThreatDOMDetails. Versions ... • https://packetstorm.news/files/id/166547 • CWE-416: Use After Free •
CVSS: 9.6EPSS: 1%CPEs: 1EXPL: 1CVE-2022-0290 – Debian Security Advisory 5054-1
https://notcve.org/view.php?id=CVE-2022-0290
28 Jan 2022 — Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Un uso de memoria previamente liberada en Site isolation en Google Chrome versiones anteriores a 97.0.4692.99, permitía a un atacante remoto llevar a cabo un escape de sandbox por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or infor... • https://packetstorm.news/files/id/166080 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0291 – Debian Security Advisory 5054-1
https://notcve.org/view.php?id=CVE-2022-0291
28 Jan 2022 — Inappropriate implementation in Storage in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Una implementación inapropiada en Storage en Google Chrome versiones anteriores a 97.0.4692.99, permitía a un atacante remoto que hubiera comprometido el proceso del renderizador realizar una omisión del aislamiento del sitio por medio de una página HTML diseñada Multiple security issues were discovered in Chromium... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0292 – Debian Security Advisory 5054-1
https://notcve.org/view.php?id=CVE-2022-0292
28 Jan 2022 — Inappropriate implementation in Fenced Frames in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Una implementación inapropiada en Fenced Frames en Google Chrome versiones anteriores a 97.0.4692.99, permitía a un atacante remoto que hubiera comprometido el proceso de renderizado, omitir las restricciones de navegación por medio de una página HTML diseñada Multiple security issues were discovered... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-0308 – Debian Security Advisory 5054-1
https://notcve.org/view.php?id=CVE-2022-0308
28 Jan 2022 — Use after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en Data Transfer en Google Chrome en Chrome OS versiones anteriores a 97.0.4692.99, permitía a un atacante remoto que convenciera a un usuario de realizar una interacción específica con el usuario explotar potencialmente una corrupción de ... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 1CVE-2022-0116 – Debian Security Advisory 5046-1
https://notcve.org/view.php?id=CVE-2022-0116
28 Jan 2022 — Inappropriate implementation in Compositing in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. Una implementación inapropiada de Compositing en Google Chrome versiones anteriores a 97.0.4692.71, permitía a un atacante remoto falsificar el contenido de la Omnibox (barra de URL) por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, d... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0309 – Debian Security Advisory 5054-1
https://notcve.org/view.php?id=CVE-2022-0309
28 Jan 2022 — Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Una implementación inapropiada de Autofill en Google Chrome versiones anteriores a 97.0.4692.99, permitía a un atacante remoto omitir las restricciones de navegación por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information d... • https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 37%CPEs: 1EXPL: 1CVE-2022-0306 – Debian Security Advisory 5054-1
https://notcve.org/view.php?id=CVE-2022-0306
28 Jan 2022 — Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento del búfer de la pila en PDFium en Google Chrome versiones anteriores a 97.0.4692.99, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de una página HTML diseñada Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or i... • https://packetstorm.news/files/id/166367 • CWE-787: Out-of-bounds Write •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 1CVE-2021-4098 – Chrome IPC::ChannelAssociatedGroupController Memory Corruption
https://notcve.org/view.php?id=CVE-2021-4098
13 Jan 2022 — Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Una comprobación insuficiente de datos en Mojo en Google Chrome versiones anteriores a 96.0.4664.110, permitía a un atacante remoto que hubiera comprometido el proceso de renderización llevar a cabo potencialmente un escape de sandbox por medio de una página HTML diseñada Multiple security issues were ... • https://packetstorm.news/files/id/165561 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-4079 – Gentoo Linux Security Advisory 202208-25
https://notcve.org/view.php?id=CVE-2021-4079
23 Dec 2021 — Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via crafted WebRTC packets. Una escritura fuera de límites en WebRTC en Google Chrome versiones anteriores a 96.0.4664.93, permitía a un atacante remoto explotar potencialmente una corrupción de la pila por medio de paquetes WebRTC diseñados Multiple vulnerabilities have been found in Chromium and its derivatives, the worst of which could result in remote code execution. Vers... • https://chromereleases.googleblog.com/2021/12/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •