CVE-2022-1500

Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy via a crafted HTML page...

CVE-2022-1500

CVE-2022-1500 affects Google Chrome/Chromium Dev Tools. The root cause is insufficient data validation in Dev Tools that allows a remote attacker to bypass the Content Security Policy through a crafted HTML page. Documented impact is CSP bypass with network-remote vector, supported by CVSS data: ...

CVE-2022-1493

Use after free in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction...

CVE-2022-1493

Use after free in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction...

CVE-2022-1493

Use after free in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction...

CVE-2022-1493

Summary: CVE-2022-1493 is a Use-after-Free in DevTools of Google Chrome/Chromium up to version 101.0.4951.41, enabling a remote attacker to potentially cause heap corruption via specific, direct user interaction. The vulnerability affects Chrome/Chromium’s DevTools components and is reflected in ...

CVE-2022-1309

Insufficient policy enforcement in developer tools in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...

Denial Of Service (DoS)

chromium is vulnerable to denial of service. The vulnerability exists due to the heap-based overflow in dev tools which allows an attacker to install a malicious extension to potentially exploit heap corruption via a malicious HTML page...

Mageia: Security Advisory (MGASA-2022-0158)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Remote Code Execution (RCE)

chrome is vulnerable to remote code execution. The vulnerability exists due to Insufficient data validation in Dev Tools which allows an attacker to bypass content security policy via a malicious HTML page...

Chromium: CVE-2022-1500 Insufficient data validation in Dev Tools

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2022-1493 Use after free in Dev Tools

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

KLA12519 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free...

Microsoft Edge (Chromium) < 101.0.1210.32 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 101.0.1210.32. It is, therefore, affected by multiple vulnerabilities as referenced in the April 28, 2022 advisory. - Use after free in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to...

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 30 security fixes, including: 1313905 High CVE-2022-1477: Use after free in Vulkan. Reported by SeongHwan Park SeHwa on 2022-04-06 1299261 High CVE-2022-1478: Use after free in SwiftShader. Reported by SeongHwan Park SeHwa on 2022-02-20 1305190 High...

KLA12517 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions, spoof user interface. Below is a complete list of vulnerabilities: 1. Implementation vulnerability in Input can...

Cross-site Scripting (XSS) - Stored in elgg/elgg

Analysis Hello guys, how are doing? Hope you're having an awesome day 🤗 Elgg has a functionality for any authenticated user to report pages to the administrators whenever they think that there's something wrong going on with this page. This functionality has an issue, because in order to create a...

openSUSE 15 Security Update : opera (openSUSE-SU-2021:1488-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1488-1 advisory. - Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to...

Denial Of Service (DoS)

chromium-browser:bionic is vulnerable to denial of service. Heap buffer overflow in Settings in Google Chrome allowed a remote attacker to engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page...

Heap Corruption

chrome is vulnerable to heap corruption. The vulnerability exists due to a use after free in dev tools...