rpm package
opensuse/chromium&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed
Vulnerabilities (4,053)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-0805 | — | < 99.0.4844.51-1.1 | 99.0.4844.51-1.1 | Apr 5, 2022 | Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction. | ||
| CVE-2022-0804 | — | < 99.0.4844.51-1.1 | 99.0.4844.51-1.1 | Apr 5, 2022 | Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. | ||
| CVE-2022-0803 | — | < 99.0.4844.51-1.1 | 99.0.4844.51-1.1 | Apr 5, 2022 | Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page. | ||
| CVE-2022-0802 | — | < 99.0.4844.51-1.1 | 99.0.4844.51-1.1 | Apr 5, 2022 | Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. | ||
| CVE-2022-0800 | — | < 99.0.4844.51-1.1 | 99.0.4844.51-1.1 | Apr 5, 2022 | Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-0799 | — | < 99.0.4844.51-1.1 | 99.0.4844.51-1.1 | Apr 5, 2022 | Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file. | ||
| CVE-2022-0798 | — | < 99.0.4844.51-1.1 | 99.0.4844.51-1.1 | Apr 5, 2022 | Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. | ||
| CVE-2022-0797 | — | < 99.0.4844.51-1.1 | 99.0.4844.51-1.1 | Apr 5, 2022 | Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. | ||
| CVE-2022-0796 | — | < 99.0.4844.51-1.1 | 99.0.4844.51-1.1 | Apr 5, 2022 | Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-0795 | — | < 99.0.4844.51-1.1 | 99.0.4844.51-1.1 | Apr 5, 2022 | Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-0794 | — | < 99.0.4844.51-1.1 | 99.0.4844.51-1.1 | Apr 5, 2022 | Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-0793 | — | < 99.0.4844.51-1.1 | 99.0.4844.51-1.1 | Apr 5, 2022 | Use after free in Cast in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted Chrome Extension. | ||
| CVE-2022-0792 | — | < 99.0.4844.51-1.1 | 99.0.4844.51-1.1 | Apr 5, 2022 | Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-0791 | — | < 99.0.4844.51-1.1 | 99.0.4844.51-1.1 | Apr 5, 2022 | Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions. | ||
| CVE-2022-0790 | — | < 99.0.4844.51-1.1 | 99.0.4844.51-1.1 | Apr 5, 2022 | Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2022-0789 | — | < 99.0.4844.51-1.1 | 99.0.4844.51-1.1 | Apr 5, 2022 | Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-0610 | — | < 98.0.4758.102-1.1 | 98.0.4758.102-1.1 | Apr 4, 2022 | Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-0609 | — | KEV | < 98.0.4758.102-1.1 | 98.0.4758.102-1.1 | Apr 4, 2022 | Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2022-0608 | — | < 98.0.4758.102-1.1 | 98.0.4758.102-1.1 | Apr 4, 2022 | Integer overflow in Mojo in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-0607 | — | < 98.0.4758.102-1.1 | 98.0.4758.102-1.1 | Apr 4, 2022 | Use after free in GPU in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
- CVE-2022-0805Apr 5, 2022affected < 99.0.4844.51-1.1fixed 99.0.4844.51-1.1
Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.
- CVE-2022-0804Apr 5, 2022affected < 99.0.4844.51-1.1fixed 99.0.4844.51-1.1
Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page.
- CVE-2022-0803Apr 5, 2022affected < 99.0.4844.51-1.1fixed 99.0.4844.51-1.1
Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page.
- CVE-2022-0802Apr 5, 2022affected < 99.0.4844.51-1.1fixed 99.0.4844.51-1.1
Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page.
- CVE-2022-0800Apr 5, 2022affected < 99.0.4844.51-1.1fixed 99.0.4844.51-1.1
Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0799Apr 5, 2022affected < 99.0.4844.51-1.1fixed 99.0.4844.51-1.1
Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file.
- CVE-2022-0798Apr 5, 2022affected < 99.0.4844.51-1.1fixed 99.0.4844.51-1.1
Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
- CVE-2022-0797Apr 5, 2022affected < 99.0.4844.51-1.1fixed 99.0.4844.51-1.1
Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
- CVE-2022-0796Apr 5, 2022affected < 99.0.4844.51-1.1fixed 99.0.4844.51-1.1
Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0795Apr 5, 2022affected < 99.0.4844.51-1.1fixed 99.0.4844.51-1.1
Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0794Apr 5, 2022affected < 99.0.4844.51-1.1fixed 99.0.4844.51-1.1
Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0793Apr 5, 2022affected < 99.0.4844.51-1.1fixed 99.0.4844.51-1.1
Use after free in Cast in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted Chrome Extension.
- CVE-2022-0792Apr 5, 2022affected < 99.0.4844.51-1.1fixed 99.0.4844.51-1.1
Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0791Apr 5, 2022affected < 99.0.4844.51-1.1fixed 99.0.4844.51-1.1
Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions.
- CVE-2022-0790Apr 5, 2022affected < 99.0.4844.51-1.1fixed 99.0.4844.51-1.1
Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page.
- CVE-2022-0789Apr 5, 2022affected < 99.0.4844.51-1.1fixed 99.0.4844.51-1.1
Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0610Apr 4, 2022affected < 98.0.4758.102-1.1fixed 98.0.4758.102-1.1
Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 98.0.4758.102-1.1fixed 98.0.4758.102-1.1
Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0608Apr 4, 2022affected < 98.0.4758.102-1.1fixed 98.0.4758.102-1.1
Integer overflow in Mojo in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0607Apr 4, 2022affected < 98.0.4758.102-1.1fixed 98.0.4758.102-1.1
Use after free in GPU in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Page 106 of 203