VYPR

rpm package

opensuse/chromium&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed

Vulnerabilities (4,053)

  • CVE-2022-2859Sep 26, 2022
    affected < 104.0.5112.101-1.1fixed 104.0.5112.101-1.1

    Use after free in Chrome OS Shell in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions.

  • CVE-2022-2858Sep 26, 2022
    affected < 104.0.5112.101-1.1fixed 104.0.5112.101-1.1

    Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction.

  • CVE-2022-2857Sep 26, 2022
    affected < 104.0.5112.101-1.1fixed 104.0.5112.101-1.1

    Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2856KEVSep 26, 2022
    affected < 104.0.5112.101-1.1fixed 104.0.5112.101-1.1

    Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page.

  • CVE-2022-2855Sep 26, 2022
    affected < 104.0.5112.101-1.1fixed 104.0.5112.101-1.1

    Use after free in ANGLE in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2854Sep 26, 2022
    affected < 104.0.5112.101-1.1fixed 104.0.5112.101-1.1

    Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-3201Sep 26, 2022
    affected < 105.0.5195.127-1.1fixed 105.0.5195.127-1.1

    Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3200Sep 26, 2022
    affected < 105.0.5195.127-1.1fixed 105.0.5195.127-1.1

    Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3199Sep 26, 2022
    affected < 105.0.5195.127-1.1fixed 105.0.5195.127-1.1

    Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3198Sep 26, 2022
    affected < 105.0.5195.127-1.1fixed 105.0.5195.127-1.1

    Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

  • CVE-2022-3197Sep 26, 2022
    affected < 105.0.5195.127-1.1fixed 105.0.5195.127-1.1

    Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

  • CVE-2022-3196Sep 26, 2022
    affected < 105.0.5195.127-1.1fixed 105.0.5195.127-1.1

    Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

  • CVE-2022-3195Sep 26, 2022
    affected < 105.0.5195.127-1.1fixed 105.0.5195.127-1.1

    Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-2853Sep 26, 2022
    affected < 104.0.5112.101-1.1fixed 104.0.5112.101-1.1

    Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2852Sep 26, 2022
    affected < 104.0.5112.101-1.1fixed 104.0.5112.101-1.1

    Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2624Aug 12, 2022
    affected < 104.0.5112.79-1.1fixed 104.0.5112.79-1.1

    Heap buffer overflow in PDF in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file.

  • CVE-2022-2623Aug 12, 2022
    affected < 104.0.5112.79-1.1fixed 104.0.5112.79-1.1

    Use after free in Offline in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.

  • CVE-2022-2622Aug 12, 2022
    affected < 104.0.5112.79-1.1fixed 104.0.5112.79-1.1

    Insufficient validation of untrusted input in Safe Browsing in Google Chrome on Windows prior to 104.0.5112.79 allowed a remote attacker to bypass download restrictions via a crafted file.

  • CVE-2022-2621Aug 12, 2022
    affected < 104.0.5112.79-1.1fixed 104.0.5112.79-1.1

    Use after free in Extensions in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions.

  • CVE-2022-2620Aug 12, 2022
    affected < 104.0.5112.79-1.1fixed 104.0.5112.79-1.1

    Use after free in WebUI in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.

Page 97 of 203