27 matches found
openSUSE: Security Advisory for chromium (openSUSE-SU-2022:10099-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for opera (openSUSE-SU-2022:10109-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2022-2856
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page...
Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability
Search giant Google on Friday released an out-of-band security update to fix a new actively exploited zero-day flaw in its Chrome web browser. The high-severity flaw, tracked as CVE-2022-4262, concerns a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis...
Update Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw
Google on Thursday released software updates to address yet another zero-day flaw in its Chrome web browser. Tracked as CVE-2022-4135, the high-severity vulnerability has been described as a heap buffer overflow in the GPU component. Clement Lecigne of Google's Threat Analysis Group TAG has been...
Fedora: Security Advisory for chromium (FEDORA-2022-3f28aa88cf)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2022-2856
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page...
UBUNTU-CVE-2022-2856
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page...
CVE-2022-2856
CVE-2022-2856 is a Google Chrome/Chromium Intents input-validation vulnerability. Affected component: Chrome/Chromium on Android (and Chromium-derived browsers) prior to 104.0.5112.101; root cause: insufficient validation of untrusted input passed via Intents, enabling a remote attacker to load a...
openSUSE 15 Security Update : opera (openSUSE-SU-2022:10109-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10109-1 advisory. - Use after free in FedCM. CVE-2022-2852 - Heap buffer overflow in Downloads. CVE-2022-2853 - Use after free in SwiftShader. CVE-2022-2854...
openSUSE 15 Security Update : chromium (openSUSE-SU-2022:10099-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:10099-1 advisory. - Use after free in FedCM. CVE-2022-2852 - Heap buffer overflow in Downloads. CVE-2022-2853 - Use after free in SwiftShader. CVE-2022-2854...
Mageia: Security Advisory (MGASA-2022-0307)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated chromium-browser-stable packages fix security vulnerability
The chromium-browser-stable package has been updated to the 104.0.5112.101 branch, fixing many bugs and 11 CVE. Google is aware that an exploit for CVE-2022-2856 exists in the wild. Some of the addressed CVE are listed below: Critical CVE-2022-2852: Use after free in FedCM. High CVE-2022-2854: Us...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2022:10099-1 Rating: important References: 1202509 Cross-References: CVE-2022-2852 CVE-2022-2853 CVE-2022-2854 CVE-2022-2855 CVE-2022-2856 CVE-2022-2857 CVE-2022-2858 CVE-2022-2859 CVE-2022-2860 CVE-2022-2861...
CISA wants you to patch these actively exploited vulnerabilities before September 8
On Thursday, CISA the US Cybersecurity and Infrastructure Security Agency updated its catalog of actively exploited vulnerabilities by adding seven new entries. These flaws were found in Apple, Google, Microsoft, Palo Alto Networks, and SAP products. CISA set the due date for everyone to patch th...
Chrome’s zero-day flaw allows arbitrary code execution
Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary A vulnerabilityCVE-2022-2856 in Google Chrome, has been exploited in the wild. Additionally, Chrome has addressed several other use-after-free vulnerabilities in multiple components, including FedCM,...
Google Patches Chrome’s Fifth Zero-Day of the Year
Google has patched the fifth actively exploited zero-day vulnerability discovered in Chrome this year as one in a series of fixes included in a stable channel update released Wednesday. The bug, tracked as CVE-2022-2856 and rated as high on the Common Vulnerability Scoring System CVSS, is...
Debian DSA-5212-1 : chromium - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5212 advisory. - Use after free in FedCM. CVE-2022-2852 - Heap buffer overflow in Downloads. CVE-2022-2853 - Use after free in SwiftShader. CVE-2022-2854 - Use after free in...
Google Chrome Security Update (stable-channel-update-for-desktop_16-2022-08) - Mac OS X
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild
Google on Tuesday rolled out patches for Chrome browser for desktops to contain an actively exploited high-severity zero-day flaw in the wild. Tracked as CVE-2022-2856, the issue has been described as a case of insufficient validation of untrusted input in Intents. Security researchers Ashley She...