rpm package
opensuse/opera&distro=openSUSE Leap 15.3 NonFree
pkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.3%20NonFree
Vulnerabilities (270)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-3198 | — | < 91.0.4516.20-lp153.2.63.1 | 91.0.4516.20-lp153.2.63.1 | Sep 26, 2022 | Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) | ||
| CVE-2022-3197 | — | < 91.0.4516.20-lp153.2.63.1 | 91.0.4516.20-lp153.2.63.1 | Sep 26, 2022 | Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) | ||
| CVE-2022-3196 | — | < 91.0.4516.20-lp153.2.63.1 | 91.0.4516.20-lp153.2.63.1 | Sep 26, 2022 | Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) | ||
| CVE-2022-2853 | — | < 90.0.4480.54-lp153.2.57.1 | 90.0.4480.54-lp153.2.57.1 | Sep 26, 2022 | Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-2852 | — | < 90.0.4480.54-lp153.2.57.1 | 90.0.4480.54-lp153.2.57.1 | Sep 26, 2022 | Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-2296 | — | < 89.0.4447.71-lp153.2.54.1 | 89.0.4447.71-lp153.2.54.1 | Jul 28, 2022 | Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions. | ||
| CVE-2022-2295 | — | < 89.0.4447.71-lp153.2.54.1 | 89.0.4447.71-lp153.2.54.1 | Jul 28, 2022 | Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-2163 | — | < 89.0.4447.71-lp153.2.54.1 | 89.0.4447.71-lp153.2.54.1 | Jul 28, 2022 | Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction. | ||
| CVE-2022-2011 | — | < 88.0.4412.74-lp154.2.11.1 | 88.0.4412.74-lp154.2.11.1 | Jul 28, 2022 | Use after free in ANGLE in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-2010 | — | < 88.0.4412.74-lp154.2.11.1 | 88.0.4412.74-lp154.2.11.1 | Jul 28, 2022 | Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2022-2008 | — | < 88.0.4412.74-lp154.2.11.1 | 88.0.4412.74-lp154.2.11.1 | Jul 28, 2022 | Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-2007 | — | < 88.0.4412.74-lp154.2.11.1 | 88.0.4412.74-lp154.2.11.1 | Jul 28, 2022 | Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-2481 | — | < 89.0.4447.71-lp153.2.54.1 | 89.0.4447.71-lp153.2.54.1 | Jul 28, 2022 | Use after free in Views in Google Chrome prior to 103.0.5060.134 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via UI interaction. | ||
| CVE-2022-2480 | — | < 89.0.4447.71-lp153.2.54.1 | 89.0.4447.71-lp153.2.54.1 | Jul 28, 2022 | Use after free in Service Worker API in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-2479 | — | < 89.0.4447.71-lp153.2.54.1 | 89.0.4447.71-lp153.2.54.1 | Jul 28, 2022 | Insufficient validation of untrusted input in File in Google Chrome on Android prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially sensitive information from internal file directories via a crafted HTML page. | ||
| CVE-2022-2478 | — | < 89.0.4447.71-lp153.2.54.1 | 89.0.4447.71-lp153.2.54.1 | Jul 28, 2022 | Use after free in PDF in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-2477 | — | < 89.0.4447.71-lp153.2.54.1 | 89.0.4447.71-lp153.2.54.1 | Jul 28, 2022 | Use after free in Guest View in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-2294 | — | KEV | < 88.0.4412.74-lp154.2.11.1 | 88.0.4412.74-lp154.2.11.1 | Jul 28, 2022 | Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2022-1641 | — | < 87.0.4390.25-lp153.2.48.1 | 87.0.4390.25-lp153.2.48.1 | Jul 26, 2022 | Use after free in Web UI Diagnostics in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interaction. | ||
| CVE-2022-1640 | — | < 87.0.4390.25-lp153.2.48.1 | 87.0.4390.25-lp153.2.48.1 | Jul 26, 2022 | Use after free in Sharing in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. |
- CVE-2022-3198Sep 26, 2022affected < 91.0.4516.20-lp153.2.63.1fixed 91.0.4516.20-lp153.2.63.1
Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
- CVE-2022-3197Sep 26, 2022affected < 91.0.4516.20-lp153.2.63.1fixed 91.0.4516.20-lp153.2.63.1
Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
- CVE-2022-3196Sep 26, 2022affected < 91.0.4516.20-lp153.2.63.1fixed 91.0.4516.20-lp153.2.63.1
Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
- CVE-2022-2853Sep 26, 2022affected < 90.0.4480.54-lp153.2.57.1fixed 90.0.4480.54-lp153.2.57.1
Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-2852Sep 26, 2022affected < 90.0.4480.54-lp153.2.57.1fixed 90.0.4480.54-lp153.2.57.1
Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-2296Jul 28, 2022affected < 89.0.4447.71-lp153.2.54.1fixed 89.0.4447.71-lp153.2.54.1
Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions.
- CVE-2022-2295Jul 28, 2022affected < 89.0.4447.71-lp153.2.54.1fixed 89.0.4447.71-lp153.2.54.1
Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-2163Jul 28, 2022affected < 89.0.4447.71-lp153.2.54.1fixed 89.0.4447.71-lp153.2.54.1
Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction.
- CVE-2022-2011Jul 28, 2022affected < 88.0.4412.74-lp154.2.11.1fixed 88.0.4412.74-lp154.2.11.1
Use after free in ANGLE in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-2010Jul 28, 2022affected < 88.0.4412.74-lp154.2.11.1fixed 88.0.4412.74-lp154.2.11.1
Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- CVE-2022-2008Jul 28, 2022affected < 88.0.4412.74-lp154.2.11.1fixed 88.0.4412.74-lp154.2.11.1
Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-2007Jul 28, 2022affected < 88.0.4412.74-lp154.2.11.1fixed 88.0.4412.74-lp154.2.11.1
Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-2481Jul 28, 2022affected < 89.0.4447.71-lp153.2.54.1fixed 89.0.4447.71-lp153.2.54.1
Use after free in Views in Google Chrome prior to 103.0.5060.134 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via UI interaction.
- CVE-2022-2480Jul 28, 2022affected < 89.0.4447.71-lp153.2.54.1fixed 89.0.4447.71-lp153.2.54.1
Use after free in Service Worker API in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-2479Jul 28, 2022affected < 89.0.4447.71-lp153.2.54.1fixed 89.0.4447.71-lp153.2.54.1
Insufficient validation of untrusted input in File in Google Chrome on Android prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially sensitive information from internal file directories via a crafted HTML page.
- CVE-2022-2478Jul 28, 2022affected < 89.0.4447.71-lp153.2.54.1fixed 89.0.4447.71-lp153.2.54.1
Use after free in PDF in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-2477Jul 28, 2022affected < 89.0.4447.71-lp153.2.54.1fixed 89.0.4447.71-lp153.2.54.1
Use after free in Guest View in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
- affected < 88.0.4412.74-lp154.2.11.1fixed 88.0.4412.74-lp154.2.11.1
Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-1641Jul 26, 2022affected < 87.0.4390.25-lp153.2.48.1fixed 87.0.4390.25-lp153.2.48.1
Use after free in Web UI Diagnostics in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interaction.
- CVE-2022-1640Jul 26, 2022affected < 87.0.4390.25-lp153.2.48.1fixed 87.0.4390.25-lp153.2.48.1
Use after free in Sharing in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.
Page 2 of 14