CVE-2022-0108
- EPSS 1.17%
- Veröffentlicht 12.02.2022 00:15:07
- Zuletzt bearbeitet 21.11.2024 06:37:55
Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2022-0109
- EPSS 1.33%
- Veröffentlicht 12.02.2022 00:15:07
- Zuletzt bearbeitet 21.11.2024 06:37:55
Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page.
CVE-2022-0110
- EPSS 1.08%
- Veröffentlicht 12.02.2022 00:15:07
- Zuletzt bearbeitet 21.11.2024 06:37:55
Incorrect security UI in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2022-0111
- EPSS 0.79%
- Veröffentlicht 12.02.2022 00:15:07
- Zuletzt bearbeitet 21.11.2024 06:37:55
Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to incorrectly set origin via a crafted HTML page.
CVE-2022-0112
- EPSS 1.11%
- Veröffentlicht 12.02.2022 00:15:07
- Zuletzt bearbeitet 21.11.2024 06:37:55
Incorrect security UI in Browser UI in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to display missing URL or incorrect URL via a crafted URL.
CVE-2022-0113
- EPSS 0.86%
- Veröffentlicht 12.02.2022 00:15:07
- Zuletzt bearbeitet 21.11.2024 06:37:56
Inappropriate implementation in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2022-0114
- EPSS 1.31%
- Veröffentlicht 12.02.2022 00:15:07
- Zuletzt bearbeitet 21.11.2024 06:37:56
Out of bounds memory access in Blink Serial API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page and virtual serial port driver.
CVE-2022-0115
- EPSS 1.5%
- Veröffentlicht 12.02.2022 00:15:07
- Zuletzt bearbeitet 21.11.2024 06:37:56
Uninitialized use in File API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
CVE-2022-23634
- EPSS 2.12%
- Veröffentlicht 11.02.2022 22:15:07
- Zuletzt bearbeitet 21.11.2024 06:48:58
Puma is a Ruby/Rack web server built for parallelism. Prior to `puma` version `5.6.2`, `puma` may not always call `close` on the response body. Rails, prior to version `7.0.2.2`, depended on the response body being closed in order for its `CurrentAtt...
CVE-2022-0561
- EPSS 1.25%
- Veröffentlicht 11.02.2022 18:15:11
- Zuletzt bearbeitet 21.11.2024 06:38:55
Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, t...