Lucene search
K

23 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

The use of the after-free operation in the Webstore API in Google Chrome before version 98.0.4758.102 allowed attackers to exploit heap corruption by using a crafted HTML page. This was possible if an attacker convinced a user to install a malicious extension and compelled the user to perform...

8.8CVSS7.3AI score0.0058EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2025/12/31 4:29 p.m.9 views

Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack

Trust Wallet on Tuesday revealed that the second iteration of the Shai-Hulud aka Sha1-Hulud supply chain outbreak in November 2025 was likely responsible for the hack of its Google Chrome extension, ultimately resulting in the theft of approximately $8.5 million in assets. "Our Developer GitHub...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2022-15709

Malicious code in bioql PyPI...

8.8CVSS9.2AI score0.0058EPSS
Exploits0References4
NVD
NVD
added 2022/04/05 12:15 a.m.19 views

CVE-2022-0605

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS0.0058EPSS
Exploits0References2
OSV
OSV
added 2022/04/05 12:15 a.m.6 views

CVE-2022-0605

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS9AI score
Exploits0References2
OSV
OSV
added 2022/04/05 12:15 a.m.1 views

DEBIAN-CVE-2022-0605

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS8.1AI score0.0058EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2022/04/05 12:15 a.m.40 views

CVE-2022-0605

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.2AI score0.0058EPSS
Exploits0References2
Prion
Prion
added 2022/04/05 12:15 a.m.24 views

Design/Logic Flaw

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

6.8CVSS8.8AI score0.0058EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/04/04 11:55 p.m.23 views

CVE-2022-0605

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

9.1AI score0.0058EPSS
Exploits0References2
CVE
CVE
added 2022/04/04 11:55 p.m.212 views

CVE-2022-0605

CVE-2022-0605 is a Chrome/Chromium vulnerability: a use-after-free in the Webstore API prior to 98.0.4758.102 could allow heap corruption when a user is convinced to install a malicious extension and to engage in specific interactions. The issue was addressed in the Chrome 98.0.4758.102 release. ...

8.8CVSS8.7AI score0.0058EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2022/04/04 11:55 p.m.48 views

CVE-2022-0605

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS9.5AI score0.0058EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2022/04/04 11:55 p.m.45 views

CVE-2022-0605

Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS9AI score0.0058EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/02/22 12:0 a.m.63 views

openSUSE 15 Security Update : chromium (openSUSE-SU-2022:0042-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0042-1 advisory. - Use after free in File Manager. CVE-2022-0603 - Heap buffer overflow in Tab Groups. CVE-2022-0604 - Use after free in Webstore API...

8.8CVSS9AI score0.23546EPSS
Exploits0References18
Veracode
Veracode
added 2022/02/20 5:50 a.m.26 views

Use After Free

Google Chrome is vulnerable to use after free. The vulnerability exists in Webstore API which allows an attacker to cause a memory corruption...

8.8CVSS3.3AI score0.0058EPSS
Exploits0References3Affected Software2
Microsoft CVE
Microsoft CVE
added 2022/02/16 8:0 a.m.35 views

Chromium: CVE-2022-0605 Use after free in Webstore API

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS8.4AI score0.0058EPSS
Exploits0
CNVD
CNVD
added 2022/02/16 12:0 a.m.25 views

Google Chrome Webstore API Code Execution Vulnerability

Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in the Google Chrome Webstore API, which can be exploited by remote attackers to execute arbitrary code on a system or cause a denial of service condition...

8.8CVSS8.7AI score0.0058EPSS
Exploits0References1
ThreatPost
ThreatPost
added 2022/02/15 6:33 p.m.225 views

Chrome Zero-Day Under Active Attack: Patch ASAP

Google on Monday issued 11 security fixes for its Chrome browser, including a high-severity zero-day bug that’s actively being jumped on by attackers in the wild. In a brief update, Google described the weakness, tracked as CVE-2022-0609, as a use-after-free vulnerability in Chrome’s Animation...

9.6CVSS9.8AI score0.70435EPSS
Exploits16References23
The Hacker News
The Hacker News
added 2022/02/15 5:6 a.m.138 views

New Chrome 0-Day Bug Under Active Attack – Update Your Browser ASAP!

Google on Monday rolled out fixes for eight security issues in the Chrome web browser, including a high-severity vulnerability that's being actively exploited in real-world attacks, marking the first zero-day patched by the internet giant in 2022. The shortcoming, tracked CVE-2022-0609, is...

8.8CVSS1AI score0.23546EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/02/15 12:0 a.m.49 views

FreeBSD : chromium -- multiple vulnerabilities (e12432af-8e73-11ec-8bc4-3065ec8fd3ec)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the e12432af-8e73-11ec-8bc4-3065ec8fd3ec advisory. - Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed ...

8.8CVSS8.9AI score0.23546EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2022/02/14 12:0 a.m.70 views

Google Chrome < 98.0.4758.102 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 98.0.4758.102. It is, therefore, affected by multiple vulnerabilities as referenced in the 202202stable-channel-update-for-desktop14 advisory. - Inappropriate implementation in Gamepad API in Google Chrome prior to...

8.8CVSS9AI score0.23546EPSS
Exploits0References17
Rows per page
Query Builder