Lucene search
K

212 matches found

Prion
Prion
added 2022/11/01 11:15 p.m.21 views

Heap overflow

Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

6.8CVSS8.7AI score0.00383EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/11/01 11:15 p.m.3 views

UBUNTU-CVE-2022-3655

Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7.5AI score0.00383EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/11/01 12:0 a.m.35 views

openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10180-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10180-1 advisory. - Type Confusion in V8. CVE-2022-3652, CVE-2022-3723 - Heap buffer overflow in Vulkan. CVE-2022-3653 - Use after free in Layout...

8.8CVSS7.9AI score0.23798EPSS
Exploits4References25
Vulnrichment
Vulnrichment
added 2022/11/01 12:0 a.m.12 views

CVE-2022-3655

Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

7.3AI score0.00383EPSS
Exploits0References2
CVE
CVE
added 2022/11/01 12:0 a.m.120 views

CVE-2022-3655

CVE-2022-3655 describes a heap buffer overflow in Chrome/Chromium’s Media Galleries. Multiple sources (Chrome release notes and security trackers) confirm this affects Chrome before version 107.0.5304.62, with the risk that a user who installs a crafted malicious extension could trigger heap corr...

8.8CVSS8.7AI score0.00383EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/11/01 12:0 a.m.17 views

CVE-2022-3655

Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

9AI score0.00383EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2022/11/01 12:0 a.m.52 views

CVE-2022-3655

Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS9.5AI score0.00383EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/11/01 12:0 a.m.64 views

openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10177-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10177-1 advisory. - Type Confusion in V8. CVE-2022-3652, CVE-2022-3723 - Heap buffer overflow in Vulkan. CVE-2022-3653 - Use after free in Layout...

8.8CVSS7.9AI score0.23798EPSS
Exploits4References25
Microsoft CVE
Microsoft CVE
added 2022/10/27 6:5 p.m.31 views

Chromium: CVE-2022-3655 Heap buffer overflow in Media Galleries

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.4AI score0.00383EPSS
Exploits0
CNVD
CNVD
added 2022/10/27 12:0 a.m.24 views

Google Chrome Media Galleries Buffer Overflow Vulnerability

Google Chrome is a web browser from Google, Inc. A buffer overflow vulnerability exists in Google Chrome Media Galleries, which is caused by a failure of Media Gallery to properly bounds check. An attacker could exploit the vulnerability to make an overflow buffer and execute arbitrary code on th...

8.8CVSS4.8AI score0.00383EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/10/27 12:0 a.m.92 views

Microsoft Edge (Chromium) < 107.0.1418.24 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 107.0.1418.24. It is, therefore, affected by multiple vulnerabilities as referenced in the October 27, 2022 advisory. - Type Confusion in V8. CVE-2022-3652 - Heap buffer overflow in Vulkan. CVE-2022-3653 - Use after fr...

8.8CVSS7.5AI score0.23798EPSS
Exploits2References17
Kaspersky
Kaspersky
added 2022/10/27 12:0 a.m.52 views

KLA20019 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Type confusion vulnerability in V8 can be exploited to cause denial of service. 2. Use...

8.8CVSS9.2AI score0.23798EPSS
Exploits2References11
CNNVD
CNNVD
added 2022/10/25 12:0 a.m.5 views

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser from Google, Inc. A buffer overflow vulnerability exists in Google Chrome Media Galleries, which is caused by a failure of Media Gallery to properly bounds check. An attacker could exploit the vulnerability to make an overflow buffer and execute arbitrary code on th...

8.8CVSS9.1AI score0.00383EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2022/10/25 12:0 a.m.170 views

Google Chrome < 107.0.5304.62 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 107.0.5304.62. It is, therefore, affected by multiple vulnerabilities as referenced in the 202210stable-channel-update-for-desktop25 advisory. - Use after free in Accessibility in Google Chrome on Chrome OS prior to...

8.8CVSS7.9AI score0.23798EPSS
Exploits3References21
Prion
Prion
added 2022/07/15 12:15 p.m.16 views

Design/Logic Flaw

Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1financemaster.inc.php...

6.5CVSS9AI score0.01994EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2022/04/11 3:23 p.m.50 views

CVE-2022-28202

A flaw was found in MediaWiki. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete...

6.1CVSS1.8AI score0.01152EPSS
Exploits0References4
Veracode
Veracode
added 2022/04/06 3:25 p.m.27 views

Cross-site Scripting (XSS)

An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete...

6.1CVSS1.6AI score0.01152EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2022/03/30 6:15 a.m.24 views

CVE-2022-28202

An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete...

6.1CVSS5.8AI score
Exploits0References5
OSV
OSV
added 2022/03/30 6:15 a.m.1 views

DEBIAN-CVE-2022-28202

An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete...

6.1CVSS5.9AI score0.01152EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/03/30 6:15 a.m.2 views

CVE-2022-28202

An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete...

6.1CVSS5.9AI score0.01152EPSS
Exploits0References7
Rows per page
Query Builder