Threat Level Attack Report For a detailed advisory, download the pdf file here Summary Candiru(Saito Tech) spyware used the recently fixed CVE-2022-2294 Chrome zero-day in assaults on journalists, with a substantial portion of the attacks taking place in Lebanon. This recently patched vulnerability in WebRTC is a heap-based buffer overflow. Its successful exploitation may result in code execution on the targeted device.

prion 1

cve 1

mscve 1

checkpoint_advisories 1

thn 9

alpinelinux 1

veracode 1

malwarebytes 2

debiancve 1

ubuntucve 1

cisa_kev 1

attackerkb 1

nessus 14

kaspersky 3

chrome 2

mageia 1

suse 4

osv 2

debian 1

ubuntu 1

freebsd 1

trellix 2

threatpost 2

avleonov 1

apple 3

qualysblog 3

fedora 2

gentoo 3

securelist 1

rapid7blog 1

prion

Heap overflow

2022-07-28 02:15:00

cve

CVE-2022-2294

2022-07-28 02:15:00

mscve

Chromium: CVE-2022-2294 Heap buffer overflow in WebRTC

2022-07-06 16:32:48

checkpoint_advisories

Google Chrome WebRTC Heap Buffer Overflow (CVE-2022-2294)

2022-09-22 00:00:00

thn

Candiru Spyware Caught Exploiting Google Chrome Zero-Day to Target Journalists

2022-07-22 06:40:00

Update Google Chrome Browser to Patch New Zero-Day Exploit Detected in the Wild

2022-07-05 02:55:00

New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild

2022-08-17 12:02:00

alpinelinux

CVE-2022-2294

2022-07-28 02:15:00

veracode

Heap Buffer Overflow

2022-07-17 17:23:34

malwarebytes

Update now! Chrome patches ANOTHER zero-day vulnerability

2022-07-05 13:56:04

Zero-day puts a dent in Chrome's mojo

2022-09-05 16:30:00

debiancve

CVE-2022-2294

2022-07-28 02:15:00

ubuntucve

CVE-2022-2294

2022-07-28 00:00:00

cisa_kev

WebRTC Heap Buffer Overflow Vulnerability

2022-08-25 00:00:00

attackerkb

CVE-2022-2294

2022-07-28 00:00:00

nessus

Microsoft Edge (Chromium) < 103.0.1264.49 Vulnerability

2022-07-07 00:00:00

FreeBSD : chromium -- multiple vulnerabilities (744ec9d7-fe0f-11ec-bcd2-3065ec8fd3ec)

2022-07-08 00:00:00

openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10055-1)

2022-07-13 00:00:00

kaspersky

KLA12579 Multiple vulnerabilities in Microsoft Browser

2022-07-06 00:00:00

KLA12587 Multiple vulnerabilities in Opera

2022-07-14 00:00:00

KLA12578 Multiple vulnerabilities in Google Chrome

2022-07-04 00:00:00

chrome

Chrome for Android Update

2022-07-04 00:00:00

Stable Channel Update for Desktop

2022-07-04 00:00:00

mageia

Updated webkit2 packages fix security vulnerability

2022-08-20 13:04:13

suse

Security update for chromium (important)

2022-07-13 00:00:00

Security update for opera (important)

2022-07-13 00:00:00

Security update for opera (important)

2022-08-16 00:00:00

osv

chromium - security update

2022-07-11 00:00:00

webkit2gtk vulnerabilities

2022-08-15 12:23:31

debian

[SECURITY] [DSA 5180-1] chromium security update

2022-07-11 17:47:32

ubuntu

WebKitGTK vulnerabilities

2022-08-15 00:00:00

freebsd

chromium -- multiple vulnerabilities

2022-07-04 00:00:00

trellix

The Bug Report – July 2022 Edition

2022-08-03 00:00:00

The Bug Report – July 2022 Edition

2022-08-03 00:00:00

threatpost

Google Patches Actively Exploited Chrome Bug

2022-07-05 11:54:21

Google Patches Chrome’s Fifth Zero-Day of the Year

2022-08-18 14:31:38

avleonov

Microsoft Patch Tuesday July 2022: propaganda report, CSRSS EoP, RPC RCE, Edge, Azure Site Recovery

2022-07-23 08:34:29

apple

About the security content of Safari 15.6

2022-07-20 00:00:00

About the security content of iOS 15.6 and iPadOS 15.6

2022-07-20 00:00:00

About the security content of macOS Monterey 12.5

2022-07-20 00:00:00

qualysblog

July 2022 Patch Tuesday | Microsoft Releases 84 Vulnerabilities with 4 Critical, plus 2 Microsoft Edge (Chromium-Based); Adobe Releases 4 Advisories, 27 Vulnerabilities with 18 Critical.

2022-07-12 20:09:23

The 9th Google Chrome Zero-Day Threat this Year – Again Just Before the Weekend

2022-12-03 05:24:27

August 2022 Patch Tuesday | Microsoft Releases 121 Vulnerabilities with 17 Critical, plus 20 Microsoft Edge (Chromium-Based); Adobe Releases 5 Advisories, 25 Vulnerabilities with 15 Critical.

2022-08-09 20:00:00

fedora

[SECURITY] Fedora 35 Update: chromium-103.0.5060.114-1.fc35

2022-07-28 01:30:57

[SECURITY] Fedora 36 Update: chromium-103.0.5060.114-1.fc36

2022-07-28 01:28:06

gentoo

WebKitGTK+: Multiple Vulnerabilities

2022-08-31 00:00:00

Chromium, Google Chrome, Microsoft Edge: Multiple Vulnerabilities

2022-08-21 00:00:00

QtWebEngine: Multiple Vulnerabilities

2023-11-25 00:00:00

securelist

IT threat evolution in Q3 2022. Non-mobile statistics

2022-11-18 08:10:34

rapid7blog

Patch Tuesday - July 2022

2022-07-12 19:40:15

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

JSON

Related for HIVEPRO:2FBDBD20FF69ADDF5A541D1E5B3D0809