CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-1227 – Debian Security Advisory 5371-1
https://notcve.org/view.php?id=CVE-2023-1227
07 Mar 2023 — Use after free in Core in Google Chrome on Lacros prior to 111.0.5563.64 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium) Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. • https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2022-2743
https://notcve.org/view.php?id=CVE-2022-2743
02 Jan 2023 — Integer overflow in Window Manager in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out of bounds memory write via crafted UI interactions. (Chrome security severity: High) • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2022-2742
https://notcve.org/view.php?id=CVE-2022-2742
02 Jan 2023 — Use after free in Exosphere in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. (Chrome security severity: High) • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-4176 – Gentoo Linux Security Advisory 202311-11
https://notcve.org/view.php?id=CVE-2022-4176
29 Nov 2022 — Out of bounds write in Lacros Graphics in Google Chrome on Chrome OS and Lacros prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. (Chromium security severity: High) La escritura fuera de límites en Lacros Graphics en Google Chrome en Chrome OS y Lacros anterior a 108.0.5359.71 permitía a un atacante remoto que convenciera a un usuario para participar en interacciones de UI específicas para e... • https://chromereleases.googleblog.com/2022/11/stable-channel-update-for-desktop_29.html • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2022-3071 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3071
26 Sep 2022 — Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction. Un uso de memoria previamente liberada en Tab Strip en Google Chrome en Chrome OS, Lacros versiones anteriores a 105.0.5195.52, permitía a un atacante remoto que convenciera a un usuario de participar en interacciones específicas de la Interfaz de Usuario explotar potenc... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2022-3052 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3052
26 Sep 2022 — Heap buffer overflow in Window Manager in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. Un desbordamiento del búfer de la pila en Window Manager de Google Chrome en Chrome OS, Lacros versiones anteriores a 105.0.5195.52, permitía a un atacante remoto que convenciera a un usuario de participar en interacciones específicas de la Interfaz de Usuari... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2022-3051 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3051
26 Sep 2022 — Heap buffer overflow in Exosphere in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. Un desbordamiento del búfer de la pila en Exosphere en Google Chrome en Chrome OS, Lacros versiones anteriores a 105.0.5195.52, permitía a un atacante remoto que convenciera a un usuario de participar en interacciones específicas de la Interfaz de Usuario explotar... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2022-3049 – Gentoo Linux Security Advisory 202209-23
https://notcve.org/view.php?id=CVE-2022-3049
26 Sep 2022 — Use after free in SplitScreen in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. Un uso de memoria previamente liberada en SplitScreen en Google Chrome en Chrome OS, Lacros versiones anteriores a 105.0.5195.52, permitió a un atacante remoto que convenció a un usuario de participar en interacciones específicas de la Interfaz de Usuario específicos para... • https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_30.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •