CVE-2022-4181

Use after free in Forms in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2022-4181

Use after free in Forms in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

Design/Logic Flaw

Use after free in Forms in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

UBUNTU-CVE-2022-4181

Use after free in Forms in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

Google Chrome Forms Code Execution Vulnerability

Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in Google Chrome Forms, which can be exploited by an attacker to execute arbitrary code on a system or cause a denial of service...

WordPress Google Forms plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Google Forms plug...

Google Chrome < 108.0.5359.71 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 108.0.5359.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 202211stable-channel-update-for-desktop29 advisory. - Use after free in Accessibility in Google Chrome prior to 108.0.5359.71...

Google Chrome < 108.0.5359.71 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 108.0.5359.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 202211stable-channel-update-for-desktop29 advisory. - Use after free in Accessibility in Google Chrome prior to 108.0.5359.71...

CVE-2022-4181

CVE-2022-4181 is a use-after-free in Google Chrome’s Forms component via Chromium. The concrete details show a heap-corruption vulnerability in Chrome/Chromium’s Forms handling, exploitable through a crafted HTML page and rated High severity. Affected product: Google Chrome (Chromium base); vulne...

CVE-2022-4181

Use after free in Forms in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2022-4181

Use after free in Forms in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

chromium -- multiple vulnerabilities

Chrome Releases reports: This release contains 28 security fixes, including: 1379054 High CVE-2022-4174: Type Confusion in V8. Reported by Zhenghang Xiao @Kipreyyy on 2022-10-27 1381401 High CVE-2022-4175: Use after free in Camera Capture. Reported by Leecraso and Guang Gong of 360 Alpha Lab on...

CVE-2022-4181

Use after free in Forms in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2022-3834

The Google Forms WordPress plugin through 0.95 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-3834

The Google Forms WordPress plugin through 0.95 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-3689

The HTML Forms WordPress plugin before 1.3.25 does not properly properly escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users...

CVE-2022-3689

The HTML Forms WordPress plugin before 1.3.25 does not properly properly escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users...

Cross site scripting

The Google Forms WordPress plugin through 0.95 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

Sql injection

The HTML Forms WordPress plugin before 1.3.25 does not properly properly escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users...

CVE-2022-3834 Google Forms <= 0.95 - Admin+ Stored XSS

The Google Forms WordPress plugin through 0.95 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...