rpm package
opensuse/opera&distro=openSUSE Leap 15.4 NonFree
pkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.4%20NonFree
Vulnerabilities (432)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-2478 | — | < 89.0.4447.71-lp154.2.14.1 | 89.0.4447.71-lp154.2.14.1 | Jul 28, 2022 | Use after free in PDF in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-2477 | — | < 89.0.4447.71-lp154.2.14.1 | 89.0.4447.71-lp154.2.14.1 | Jul 28, 2022 | Use after free in Guest View in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-2294 | — | KEV | < 88.0.4412.74-lp154.2.11.1 | 88.0.4412.74-lp154.2.11.1 | Jul 28, 2022 | Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2022-1641 | — | < 87.0.4390.25-lp154.2.8.1 | 87.0.4390.25-lp154.2.8.1 | Jul 26, 2022 | Use after free in Web UI Diagnostics in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interaction. | ||
| CVE-2022-1640 | — | < 87.0.4390.25-lp154.2.8.1 | 87.0.4390.25-lp154.2.8.1 | Jul 26, 2022 | Use after free in Sharing in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-1639 | — | < 87.0.4390.25-lp154.2.8.1 | 87.0.4390.25-lp154.2.8.1 | Jul 26, 2022 | Use after free in ANGLE in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-1638 | — | < 87.0.4390.25-lp154.2.8.1 | 87.0.4390.25-lp154.2.8.1 | Jul 26, 2022 | Heap buffer overflow in V8 Internationalization in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-1637 | — | < 87.0.4390.25-lp154.2.8.1 | 87.0.4390.25-lp154.2.8.1 | Jul 26, 2022 | Inappropriate implementation in Web Contents in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | ||
| CVE-2022-1636 | — | < 87.0.4390.25-lp154.2.8.1 | 87.0.4390.25-lp154.2.8.1 | Jul 26, 2022 | Use after free in Performance APIs in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-1635 | — | < 87.0.4390.25-lp154.2.8.1 | 87.0.4390.25-lp154.2.8.1 | Jul 26, 2022 | Use after free in Permission Prompts in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interactions. | ||
| CVE-2022-1634 | — | < 87.0.4390.25-lp154.2.8.1 | 87.0.4390.25-lp154.2.8.1 | Jul 26, 2022 | Use after free in Browser UI in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who had convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific user interactions. | ||
| CVE-2022-1633 | — | < 87.0.4390.25-lp154.2.8.1 | 87.0.4390.25-lp154.2.8.1 | Jul 26, 2022 | Use after free in Sharesheet in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interactions. | ||
| CVE-2022-1364 | — | KEV | < 87.0.4390.25-lp154.2.8.1 | 87.0.4390.25-lp154.2.8.1 | Jul 26, 2022 | Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2022-1096 | — | KEV | < 85.0.4341.28-lp154.2.5.1 | 85.0.4341.28-lp154.2.5.1 | Jul 22, 2022 | Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2022-0470 | — | < 85.0.4341.28-lp154.2.5.1 | 85.0.4341.28-lp154.2.5.1 | Apr 5, 2022 | Out of bounds memory access in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-0469 | — | < 85.0.4341.28-lp154.2.5.1 | 85.0.4341.28-lp154.2.5.1 | Apr 5, 2022 | Use after free in Cast in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific interactions to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-0468 | — | < 85.0.4341.28-lp154.2.5.1 | 85.0.4341.28-lp154.2.5.1 | Apr 5, 2022 | Use after free in Payments in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-0467 | — | < 85.0.4341.28-lp154.2.5.1 | 85.0.4341.28-lp154.2.5.1 | Apr 5, 2022 | Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | ||
| CVE-2022-0466 | — | < 85.0.4341.28-lp154.2.5.1 | 85.0.4341.28-lp154.2.5.1 | Apr 5, 2022 | Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2022-0465 | — | < 85.0.4341.28-lp154.2.5.1 | 85.0.4341.28-lp154.2.5.1 | Apr 5, 2022 | Use after free in Extensions in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via user interaction. |
- CVE-2022-2478Jul 28, 2022affected < 89.0.4447.71-lp154.2.14.1fixed 89.0.4447.71-lp154.2.14.1
Use after free in PDF in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-2477Jul 28, 2022affected < 89.0.4447.71-lp154.2.14.1fixed 89.0.4447.71-lp154.2.14.1
Use after free in Guest View in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
- affected < 88.0.4412.74-lp154.2.11.1fixed 88.0.4412.74-lp154.2.11.1
Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-1641Jul 26, 2022affected < 87.0.4390.25-lp154.2.8.1fixed 87.0.4390.25-lp154.2.8.1
Use after free in Web UI Diagnostics in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interaction.
- CVE-2022-1640Jul 26, 2022affected < 87.0.4390.25-lp154.2.8.1fixed 87.0.4390.25-lp154.2.8.1
Use after free in Sharing in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-1639Jul 26, 2022affected < 87.0.4390.25-lp154.2.8.1fixed 87.0.4390.25-lp154.2.8.1
Use after free in ANGLE in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-1638Jul 26, 2022affected < 87.0.4390.25-lp154.2.8.1fixed 87.0.4390.25-lp154.2.8.1
Heap buffer overflow in V8 Internationalization in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-1637Jul 26, 2022affected < 87.0.4390.25-lp154.2.8.1fixed 87.0.4390.25-lp154.2.8.1
Inappropriate implementation in Web Contents in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
- CVE-2022-1636Jul 26, 2022affected < 87.0.4390.25-lp154.2.8.1fixed 87.0.4390.25-lp154.2.8.1
Use after free in Performance APIs in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-1635Jul 26, 2022affected < 87.0.4390.25-lp154.2.8.1fixed 87.0.4390.25-lp154.2.8.1
Use after free in Permission Prompts in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interactions.
- CVE-2022-1634Jul 26, 2022affected < 87.0.4390.25-lp154.2.8.1fixed 87.0.4390.25-lp154.2.8.1
Use after free in Browser UI in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who had convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific user interactions.
- CVE-2022-1633Jul 26, 2022affected < 87.0.4390.25-lp154.2.8.1fixed 87.0.4390.25-lp154.2.8.1
Use after free in Sharesheet in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interactions.
- affected < 87.0.4390.25-lp154.2.8.1fixed 87.0.4390.25-lp154.2.8.1
Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- affected < 85.0.4341.28-lp154.2.5.1fixed 85.0.4341.28-lp154.2.5.1
Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0470Apr 5, 2022affected < 85.0.4341.28-lp154.2.5.1fixed 85.0.4341.28-lp154.2.5.1
Out of bounds memory access in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0469Apr 5, 2022affected < 85.0.4341.28-lp154.2.5.1fixed 85.0.4341.28-lp154.2.5.1
Use after free in Cast in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific interactions to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0468Apr 5, 2022affected < 85.0.4341.28-lp154.2.5.1fixed 85.0.4341.28-lp154.2.5.1
Use after free in Payments in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0467Apr 5, 2022affected < 85.0.4341.28-lp154.2.5.1fixed 85.0.4341.28-lp154.2.5.1
Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
- CVE-2022-0466Apr 5, 2022affected < 85.0.4341.28-lp154.2.5.1fixed 85.0.4341.28-lp154.2.5.1
Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.
- CVE-2022-0465Apr 5, 2022affected < 85.0.4341.28-lp154.2.5.1fixed 85.0.4341.28-lp154.2.5.1
Use after free in Extensions in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via user interaction.
Page 10 of 22