CVE-2022-2164
- EPSS 0.55%
- Veröffentlicht 28.07.2022 01:15:17
- Zuletzt bearbeitet 21.11.2024 07:00:27
Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted HTML page.
CVE-2022-2165
- EPSS 0.72%
- Veröffentlicht 28.07.2022 01:15:17
- Zuletzt bearbeitet 21.11.2024 07:00:27
Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2022-2007
- EPSS 0.83%
- Veröffentlicht 28.07.2022 01:15:16
- Zuletzt bearbeitet 21.11.2024 07:00:09
Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2008
- EPSS 0.85%
- Veröffentlicht 28.07.2022 01:15:16
- Zuletzt bearbeitet 21.11.2024 07:00:10
Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2010
- EPSS 1.08%
- Veröffentlicht 28.07.2022 01:15:16
- Zuletzt bearbeitet 21.11.2024 07:00:10
Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2022-2011
- EPSS 0.88%
- Veröffentlicht 28.07.2022 01:15:16
- Zuletzt bearbeitet 21.11.2024 07:00:10
Use after free in ANGLE in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2156
- EPSS 1.31%
- Veröffentlicht 28.07.2022 01:15:16
- Zuletzt bearbeitet 21.11.2024 07:00:26
Use after free in Core in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2157
- EPSS 0.84%
- Veröffentlicht 28.07.2022 01:15:16
- Zuletzt bearbeitet 21.11.2024 07:00:26
Use after free in Interest groups in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2158
- EPSS 0.86%
- Veröffentlicht 28.07.2022 01:15:16
- Zuletzt bearbeitet 21.11.2024 07:00:26
Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2160
- EPSS 0.56%
- Veröffentlicht 28.07.2022 01:15:16
- Zuletzt bearbeitet 02.06.2026 14:16:27
Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a craft...