CVE-2022-1138

Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox URL bar via a crafted HTML page...

CVE-2022-1139

Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2022-1128

Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page...

Hardcoded credentials

Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

CVE-2022-1132

Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions via physical access to the device...

CVE-2022-1146

Inappropriate implementation in Resource Timing in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2022-1138

Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox URL bar via a crafted HTML page...

CVE-2022-1138

Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox URL bar via a crafted HTML page...

CVE-2022-1137

Inappropriate implementation in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to leak potentially sensitive information via a crafted HTML page...

CVE-2022-1132

Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions via physical access to the device...

CVE-2022-1129

CVE-2022-1129 : Google Chrome on Android before 100.0.4896.60 suffers from an inappropriate Full Screen Mode implementation that can allow a remote attacker to spoof the Omnibox (URL bar) via a crafted HTML page. The issue is listed with a CVSS v3.1 base score of 6.5 (Medium); impact is spoofing ...

CVE-2022-1129

Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

CVE-2022-1128

Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page...

CVE-2022-0305

Inappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page...

Mageia: Security Advisory (MGASA-2022-0188)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Edge (Chromium) < 101.0.1210.47 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 101.0.1210.47. It is, therefore, affected by multiple vulnerabilities as referenced in the May 13, 2022 advisory. - Use after free in Sharing in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who...

openSUSE 15 Security Update : chromium (openSUSE-SU-2022:0125-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0125-1 advisory. - Use after free in Vulkan. CVE-2022-1477 - Use after free in SwiftShader. CVE-2022-1478 - Use after free in ANGLE. CVE-2022-1479 - Use aft...

MGASA-2022-0158 Updated chromium-browser-stable packages fix security vulnerability

Use after free in Vulkan. CVE-2022-1477 Use after free in SwiftShader. CVE-2022-1478 Use after free in ANGLE. CVE-2022-1479 Use after free in Sharing. CVE-2022-1481 Inappropriate implementation in WebGL. CVE-2022-1482 Heap buffer overflow in WebGPU. CVE-2022-1483 Heap buffer overflow in Web UI...

Updated chromium-browser-stable packages fix security vulnerability

Use after free in Vulkan. CVE-2022-1477 Use after free in SwiftShader. CVE-2022-1478 Use after free in ANGLE. CVE-2022-1479 Use after free in Sharing. CVE-2022-1481 Inappropriate implementation in WebGL. CVE-2022-1482 Heap buffer overflow in WebGPU. CVE-2022-1483 Heap buffer overflow in Web UI...

Chromium: CVE-2022-1499 Inappropriate implementation in WebAuthentication

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...