Fedoraproject

Fedora

5319 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2022-2296

  • EPSS 0.89%
  • Veröffentlicht 28.07.2022 02:15:07
  • Zuletzt bearbeitet 21.11.2024 07:00:42

Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions.

8.8

CVE-2022-2162

  • EPSS 0.09%
  • Veröffentlicht 28.07.2022 01:15:17
  • Zuletzt bearbeitet 21.11.2024 07:00:27

Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 103.0.5060.53 allowed a remote attacker to bypass file system access via a crafted HTML page.

6.3

CVE-2022-2164

  • EPSS 0.16%
  • Veröffentlicht 28.07.2022 01:15:17
  • Zuletzt bearbeitet 21.11.2024 07:00:27

Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted HTML page.

4.3

CVE-2022-2165

  • EPSS 0.45%
  • Veröffentlicht 28.07.2022 01:15:17
  • Zuletzt bearbeitet 21.11.2024 07:00:27

Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

8.8

CVE-2022-2007

  • EPSS 0.85%
  • Veröffentlicht 28.07.2022 01:15:16
  • Zuletzt bearbeitet 21.11.2024 07:00:09

Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8

CVE-2022-2008

  • EPSS 0.7%
  • Veröffentlicht 28.07.2022 01:15:16
  • Zuletzt bearbeitet 21.11.2024 07:00:10

Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9.3

CVE-2022-2010

  • EPSS 0.91%
  • Veröffentlicht 28.07.2022 01:15:16
  • Zuletzt bearbeitet 21.11.2024 07:00:10

Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

8.8

CVE-2022-2011

  • EPSS 0.89%
  • Veröffentlicht 28.07.2022 01:15:16
  • Zuletzt bearbeitet 21.11.2024 07:00:10

Use after free in ANGLE in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8

CVE-2022-2156

  • EPSS 1.78%
  • Veröffentlicht 28.07.2022 01:15:16
  • Zuletzt bearbeitet 21.11.2024 07:00:26

Use after free in Core in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8

CVE-2022-2157

  • EPSS 0.87%
  • Veröffentlicht 28.07.2022 01:15:16
  • Zuletzt bearbeitet 21.11.2024 07:00:26

Use after free in Interest groups in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.