VYPR

rpm package

opensuse/opera&distro=openSUSE Leap 15.3 NonFree

pkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.3%20NonFree

Vulnerabilities (270)

  • CVE-2022-0801MedJan 2, 2023
    affected < 85.0.4341.28-lp153.2.42.1fixed 85.0.4341.28-lp153.2.42.1

    Inappropriate implementation in HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass XSS preventions via a crafted HTML page. (Chrome security severity: Medium)

  • CVE-2022-3450HigNov 9, 2022
    affected < 92.0.4561.21-lp153.2.66.1fixed 92.0.4561.21-lp153.2.66.1

    Use after free in Peer Connection in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3449HigNov 9, 2022
    affected < 92.0.4561.21-lp153.2.66.1fixed 92.0.4561.21-lp153.2.66.1

    Use after free in Safe Browsing in Google Chrome prior to 106.0.5249.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)

  • CVE-2022-3448HigNov 9, 2022
    affected < 92.0.4561.21-lp153.2.66.1fixed 92.0.4561.21-lp153.2.66.1

    Use after free in Permissions API in Google Chrome prior to 106.0.5249.119 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3447MedNov 9, 2022
    affected < 92.0.4561.21-lp153.2.66.1fixed 92.0.4561.21-lp153.2.66.1

    Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 106.0.5249.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3446HigNov 9, 2022
    affected < 92.0.4561.21-lp153.2.66.1fixed 92.0.4561.21-lp153.2.66.1

    Heap buffer overflow in WebSQL in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3445HigNov 9, 2022
    affected < 92.0.4561.21-lp153.2.66.1fixed 92.0.4561.21-lp153.2.66.1

    Use after free in Skia in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3723HigKEVNov 1, 2022
    affected < 93.0.4585.11-lp153.2.69.1fixed 93.0.4585.11-lp153.2.69.1

    Type confusion in V8 in Google Chrome prior to 107.0.5304.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3201MedSep 26, 2022
    affected < 91.0.4516.20-lp153.2.63.1fixed 91.0.4516.20-lp153.2.63.1

    Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3200HigSep 26, 2022
    affected < 91.0.4516.20-lp153.2.63.1fixed 91.0.4516.20-lp153.2.63.1

    Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3199HigSep 26, 2022
    affected < 91.0.4516.20-lp153.2.63.1fixed 91.0.4516.20-lp153.2.63.1

    Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3198HigSep 26, 2022
    affected < 91.0.4516.20-lp153.2.63.1fixed 91.0.4516.20-lp153.2.63.1

    Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

  • CVE-2022-3197HigSep 26, 2022
    affected < 91.0.4516.20-lp153.2.63.1fixed 91.0.4516.20-lp153.2.63.1

    Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

  • CVE-2022-3196HigSep 26, 2022
    affected < 91.0.4516.20-lp153.2.63.1fixed 91.0.4516.20-lp153.2.63.1

    Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

  • CVE-2022-3075CriKEVSep 26, 2022
    affected < 90.0.4480.84-lp153.2.60.1fixed 90.0.4480.84-lp153.2.60.1

    Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

  • CVE-2022-2861MedSep 26, 2022
    affected < 90.0.4480.54-lp153.2.57.1fixed 90.0.4480.54-lp153.2.57.1

    Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.101 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts into WebUI via a crafted HTML page.

  • CVE-2022-2860MedSep 26, 2022
    affected < 90.0.4480.54-lp153.2.57.1fixed 90.0.4480.54-lp153.2.57.1

    Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to bypass cookie prefix restrictions via a crafted HTML page.

  • CVE-2022-2859HigSep 26, 2022
    affected < 90.0.4480.54-lp153.2.57.1fixed 90.0.4480.54-lp153.2.57.1

    Use after free in Chrome OS Shell in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions.

  • CVE-2022-2858HigSep 26, 2022
    affected < 90.0.4480.54-lp153.2.57.1fixed 90.0.4480.54-lp153.2.57.1

    Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction.

  • CVE-2022-2857HigSep 26, 2022
    affected < 90.0.4480.54-lp153.2.57.1fixed 90.0.4480.54-lp153.2.57.1

    Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Page 1 of 14