237 matches found
CVE-2022-2742
Use after free in Exosphere in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. Chrome security severity: High...
Google Chrome 竞争条件问题漏洞
Google Chrome is a web browser from Google, Inc. in the United States. Google Chrome prior to version 104.0.5112.79 suffers from a Competitive Condition Issue vulnerability that stems from the presence of post-release reuse in Exosphere, which allows remote attackers to convince a user to engage ...
CVE-2022-2743
Integer overflow in Window Manager in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out of bounds memory write via crafted UI interactions. Chrome security severity: High...
CVE-2022-2742
Use after free in Exosphere in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. Chrome security severity: High...
CVE-2022-2743
Mode C: The CVE-2022-2743 entry describes a concrete vulnerability in Google Chrome’s Window Manager on Chrome OS and Lacros, where an integer overflow can enable a remote attacker to cause an out-of-bounds memory write through crafted UI interactions. Affected software is Google Chrome on Chrome...
CVE-2022-2742
This CVE-2022-2742 describes a use-after-free in Exosphere affecting Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79. The issue could allow a remote attacker, who lures a user into specific UI interactions, to potentially trigger heap corruption via crafted UI interactions. Evidence ...
CVE-2022-2742
Use after free in Exosphere in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. Chrome security severity: High...
CVE-2022-2743
Integer overflow in Window Manager in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out of bounds memory write via crafted UI interactions. Chrome security severity: High...
openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10245-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10245-1 advisory. - Use after free in Blink Media in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption...
CVE-2022-4438
Use after free in Blink Frames in Google Chrome prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2022-4439
Use after free in Aura in Google Chrome on Windows prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. Chromium security severity: High...
Design/Logic Flaw
Use after free in Aura in Google Chrome on Windows prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. Chromium security severity: High...
CVE-2022-4439
Use after free in Aura in Google Chrome on Windows prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. Chromium security severity: High...
Design/Logic Flaw
Use after free in Blink Frames in Google Chrome prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2022-4438
CVE-2022-4438 describes a use-after-free in Blink Frames in Google Chrome/Chromium before 108.0.5359.124, where a remote attacker convincing a user to engage in specific UI interactions could trigger heap corruption via a crafted HTML page. Affected software: Google Chrome/Chromium (Blink Frames)...
CVE-2022-4439
CVE-2022-4439 is a use-after-free in Aura within Google Chrome for Windows, exploited via user-initiated UI interactions to potentially cause heap corruption. The vulnerability is part of a set of Chrome/Chromium issues disclosed in the December 2022 security updates, with Chrome’s stable channel...
FreeBSD : chromium -- multiple vulnerabilities (83eb9374-7b97-11ed-be8f-3065ec8fd3ec)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 83eb9374-7b97-11ed-be8f-3065ec8fd3ec advisory. - Use after free in Blink Media in Google Chrome prior to 108.0.5359.124 allowed a remote...
CVE-2022-4438
Use after free in Blink Frames in Google Chrome prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2022-4439
Use after free in Aura in Google Chrome on Windows prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. Chromium security severity: High...
Debian DSA-5293-1 : chromium - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5293 advisory. Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. For the...