Fedoraproject

Fedora

5319 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2022-2613

  • EPSS 0.56%
  • Published 12.08.2022 20:15:09
  • Last modified 21.11.2024 07:01:21

Use after free in Input in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific UI interactions.

8.8

CVE-2022-2614

  • EPSS 0.65%
  • Published 12.08.2022 20:15:09
  • Last modified 21.11.2024 07:01:21

Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.5

CVE-2022-2615

  • EPSS 0.44%
  • Published 12.08.2022 20:15:09
  • Last modified 21.11.2024 07:01:21

Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5

CVE-2022-2616

  • EPSS 0.27%
  • Published 12.08.2022 20:15:09
  • Last modified 21.11.2024 07:01:21

Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the Omnibox (URL bar) via a crafted Chrome Extension.

8.8

CVE-2022-2617

  • EPSS 0.18%
  • Published 12.08.2022 20:15:09
  • Last modified 21.11.2024 07:01:21

Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions.

6.5

CVE-2022-2618

  • EPSS 0.2%
  • Published 12.08.2022 20:15:09
  • Last modified 21.11.2024 07:01:22

Insufficient validation of untrusted input in Internals in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to bypass download restrictions via a malicious file .

4.3

CVE-2022-2619

  • EPSS 0.27%
  • Published 12.08.2022 20:15:09
  • Last modified 21.11.2024 07:01:22

Insufficient validation of untrusted input in Settings in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted HTML page.

8.8

CVE-2022-2620

  • EPSS 1.07%
  • Published 12.08.2022 20:15:09
  • Last modified 21.11.2024 07:01:22

Use after free in WebUI in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.

8.8

CVE-2022-2621

Exploit
  • EPSS 0.16%
  • Published 12.08.2022 20:15:09
  • Last modified 21.11.2024 07:01:22

Use after free in Extensions in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions.

6.5

CVE-2022-2622

  • EPSS 0.3%
  • Published 12.08.2022 20:15:09
  • Last modified 21.11.2024 07:01:22

Insufficient validation of untrusted input in Safe Browsing in Google Chrome on Windows prior to 104.0.5112.79 allowed a remote attacker to bypass download restrictions via a crafted file.