1225 matches found
CVE-2022-1864
Use after free in WebApp Installs in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction...
UBUNTU-CVE-2022-1864
Use after free in WebApp Installs in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction...
CVE-2022-1864
CVE-2022-1864 : In Google Chrome, a use-after-free in WebApp Installs (prior to 102.0.5005.61) can allow heap corruption when a user is convinced to install a malicious extension and performs specific interactions. The issue affects Chrome’s handling of WebApp Installs and is tied to a post-relea...
CVE-2022-1864
Use after free in WebApp Installs in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction...
CVE-2022-1864
Use after free in WebApp Installs in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction...
Mageia: Security Advisory (MGASA-2022-0241)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
Wire is a secure messaging application. Wire is vulnerable to arbitrary HTML and Javascript execution via insufficient escaping when rendering @mentions in the wire-webapp. If a user receives and views a malicious message, arbitrary code is injected and executed in the context of the victim...
CVE-2022-29168 Cross Site Scripting in Wire Messages
Wire is a secure messaging application. Wire is vulnerable to arbitrary HTML and Javascript execution via insufficient escaping when rendering @mentions in the wire-webapp. If a user receives and views a malicious message, arbitrary code is injected and executed in the context of the victim...
CVE-2022-29168 Cross Site Scripting in Wire Messages
Wire is a secure messaging application. Wire is vulnerable to arbitrary HTML and Javascript execution via insufficient escaping when rendering @mentions in the wire-webapp. If a user receives and views a malicious message, arbitrary code is injected and executed in the context of the victim...
The vulnerability of the WebApp Provider component in Google Chrome and Microsoft Edge allows a hacker to gain unauthorized access to protected information.
The vulnerability of the WebApp Provider component in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
Chromium: CVE-2022-2161 Use after free in WebApp Provider
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser from Google, Inc. A security vulnerability exists in Google Chrome that originates from the reuse of the WebApp Provider after release...
Malicious code in mattermost-webapp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c9ce8f02251eba861f2430bb80e15d90e2ea15ebcfe9586d76c3a65b6c935e03 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4506 Malicious code in mattermost-webapp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c9ce8f02251eba861f2430bb80e15d90e2ea15ebcfe9586d76c3a65b6c935e03 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4507 Malicious code in mattermost-webapp-profiling (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0507ee66265c1781e45307f46fd6db9ec8af3481f25b080e9f3d8a628ad350b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-7177 Malicious code in wix-user-preferences-webapp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 29e4630a25b98ef601b67373c19a7e895e64e5c6ce1ae6cb9fdbafa41d101036 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6690 Malicious code in twilio-chat-console-webapp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8d43b58f29b1c20f3fa4c8d6c56e87e0fe9432726d8b380b35b38b1f5deda3b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6691 Malicious code in twilio-chat-console-webapp.js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e49ceaa7ff098d3318e69bf952690e21a038f0172d1d88c26b9c9882d9607f50 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10005-1 Rating: important References: 1199893 Cross-References: CVE-2022-1853 CVE-2022-1854 CVE-2022-1855 CVE-2022-1856 CVE-2022-1857 CVE-2022-1858 CVE-2022-1859 CVE-2022-1860 CVE-2022-1861 CVE-2022-1862...
Security update for chromium (critical)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10009-1 Rating: critical References: 1199893 1200139 1200423 Cross-References: CVE-2022-1853 CVE-2022-1854 CVE-2022-1855 CVE-2022-1856 CVE-2022-1857 CVE-2022-1858 CVE-2022-1859 CVE-2022-1860 CVE-2022-1861...