CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-2855
https://notcve.org/view.php?id=CVE-2022-2855
Use after free in ANGLE in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en ANGLE en Google Chrome versiones anteriores a 104.0.5112.101, permitía a un atacante remoto explotar potencialmente una corrupción de pila por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html https://crbug.com/1345042 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-2859
https://notcve.org/view.php?id=CVE-2022-2859
Use after free in Chrome OS Shell in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. Un uso de memoria previamente liberada en Chrome OS Shell en Google Chrome versiones anteriores a 104.0.5112.101, permitía que un atacante remoto que convenciera a un usuario de participar en interacciones específicas de la Interfaz de Usuario pudiera explotar la corrupción de la pila por medio de interacciones específicas de la Interfaz de Usuario. • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html https://crbug.com/1338412 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE • CWE-416: Use After Free •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-2860
https://notcve.org/view.php?id=CVE-2022-2860
Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to bypass cookie prefix restrictions via a crafted HTML page. Una aplicación insuficiente de políticas en Cookies en Google Chrome versiones anteriores a 104.0.5112.101, permitía a un atacante remoto omitir las restricciones de prefijo de cookies por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html https://crbug.com/1345193 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-2854
https://notcve.org/view.php?id=CVE-2022-2854
Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en SwiftShader en Google Chrome versiones anteriores a 104.0.5112.101, permitía a un atacante remoto explotar potencialmente una corrupción de pila por medio de una página HTML diseñada. • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html https://crbug.com/1337538 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-2853 – Chrome offline_items_collection::OfflineContentAggregator::OnItemRemoved Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2022-2853
Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Un desbordamiento de la memoria intermedia de pila en Downloads en Google Chrome en Android versiones anteriores a 104.0.5112.101, permitía a un atacante remoto que hubiera comprometido el proceso de renderización explotar potencialmente una corrupción de la memoria intermedia por medio de una página HTML diseñada. Chrome suffers from a heap buffer overflow vulnerability in offline_items_collection::OfflineContentAggregator::OnItemRemoved. • http://packetstormsecurity.com/files/169459/Chrome-offline_items_collection-OfflineContentAggregator-OnItemRemoved-Heap-Buffer-Overflow.html https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html https://crbug.com/1350097 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4NMJURTG5RO3TGD7ZMIQ6Z4ZZ3SAVYE • CWE-787: Out-of-bounds Write •