rpm package
opensuse/opera&distro=openSUSE Leap 15.4 NonFree
pkg:rpm/opensuse/opera&distro=openSUSE%20Leap%2015.4%20NonFree
Vulnerabilities (432)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-2855 | — | < 90.0.4480.54-lp154.2.17.1 | 90.0.4480.54-lp154.2.17.1 | Sep 26, 2022 | Use after free in ANGLE in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-2854 | — | < 90.0.4480.54-lp154.2.17.1 | 90.0.4480.54-lp154.2.17.1 | Sep 26, 2022 | Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-3201 | — | < 91.0.4516.20-lp154.2.23.1 | 91.0.4516.20-lp154.2.23.1 | Sep 26, 2022 | Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2022-3200 | — | < 91.0.4516.20-lp154.2.23.1 | 91.0.4516.20-lp154.2.23.1 | Sep 26, 2022 | Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2022-3199 | — | < 91.0.4516.20-lp154.2.23.1 | 91.0.4516.20-lp154.2.23.1 | Sep 26, 2022 | Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2022-3198 | — | < 91.0.4516.20-lp154.2.23.1 | 91.0.4516.20-lp154.2.23.1 | Sep 26, 2022 | Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) | ||
| CVE-2022-3197 | — | < 91.0.4516.20-lp154.2.23.1 | 91.0.4516.20-lp154.2.23.1 | Sep 26, 2022 | Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) | ||
| CVE-2022-3196 | — | < 91.0.4516.20-lp154.2.23.1 | 91.0.4516.20-lp154.2.23.1 | Sep 26, 2022 | Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) | ||
| CVE-2022-2853 | — | < 90.0.4480.54-lp154.2.17.1 | 90.0.4480.54-lp154.2.17.1 | Sep 26, 2022 | Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-2852 | — | < 90.0.4480.54-lp154.2.17.1 | 90.0.4480.54-lp154.2.17.1 | Sep 26, 2022 | Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-2296 | — | < 89.0.4447.71-lp154.2.14.1 | 89.0.4447.71-lp154.2.14.1 | Jul 28, 2022 | Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions. | ||
| CVE-2022-2295 | — | < 89.0.4447.71-lp154.2.14.1 | 89.0.4447.71-lp154.2.14.1 | Jul 28, 2022 | Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-2163 | — | < 89.0.4447.71-lp154.2.14.1 | 89.0.4447.71-lp154.2.14.1 | Jul 28, 2022 | Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction. | ||
| CVE-2022-2011 | — | < 88.0.4412.74-lp154.2.11.1 | 88.0.4412.74-lp154.2.11.1 | Jul 28, 2022 | Use after free in ANGLE in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-2010 | — | < 88.0.4412.74-lp154.2.11.1 | 88.0.4412.74-lp154.2.11.1 | Jul 28, 2022 | Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2022-2008 | — | < 88.0.4412.74-lp154.2.11.1 | 88.0.4412.74-lp154.2.11.1 | Jul 28, 2022 | Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-2007 | — | < 88.0.4412.74-lp154.2.11.1 | 88.0.4412.74-lp154.2.11.1 | Jul 28, 2022 | Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-2481 | — | < 89.0.4447.71-lp154.2.14.1 | 89.0.4447.71-lp154.2.14.1 | Jul 28, 2022 | Use after free in Views in Google Chrome prior to 103.0.5060.134 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via UI interaction. | ||
| CVE-2022-2480 | — | < 89.0.4447.71-lp154.2.14.1 | 89.0.4447.71-lp154.2.14.1 | Jul 28, 2022 | Use after free in Service Worker API in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-2479 | — | < 89.0.4447.71-lp154.2.14.1 | 89.0.4447.71-lp154.2.14.1 | Jul 28, 2022 | Insufficient validation of untrusted input in File in Google Chrome on Android prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially sensitive information from internal file directories via a crafted HTML page. |
- CVE-2022-2855Sep 26, 2022affected < 90.0.4480.54-lp154.2.17.1fixed 90.0.4480.54-lp154.2.17.1
Use after free in ANGLE in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-2854Sep 26, 2022affected < 90.0.4480.54-lp154.2.17.1fixed 90.0.4480.54-lp154.2.17.1
Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-3201Sep 26, 2022affected < 91.0.4516.20-lp154.2.23.1fixed 91.0.4516.20-lp154.2.23.1
Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High)
- CVE-2022-3200Sep 26, 2022affected < 91.0.4516.20-lp154.2.23.1fixed 91.0.4516.20-lp154.2.23.1
Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2022-3199Sep 26, 2022affected < 91.0.4516.20-lp154.2.23.1fixed 91.0.4516.20-lp154.2.23.1
Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- CVE-2022-3198Sep 26, 2022affected < 91.0.4516.20-lp154.2.23.1fixed 91.0.4516.20-lp154.2.23.1
Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
- CVE-2022-3197Sep 26, 2022affected < 91.0.4516.20-lp154.2.23.1fixed 91.0.4516.20-lp154.2.23.1
Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
- CVE-2022-3196Sep 26, 2022affected < 91.0.4516.20-lp154.2.23.1fixed 91.0.4516.20-lp154.2.23.1
Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
- CVE-2022-2853Sep 26, 2022affected < 90.0.4480.54-lp154.2.17.1fixed 90.0.4480.54-lp154.2.17.1
Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-2852Sep 26, 2022affected < 90.0.4480.54-lp154.2.17.1fixed 90.0.4480.54-lp154.2.17.1
Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-2296Jul 28, 2022affected < 89.0.4447.71-lp154.2.14.1fixed 89.0.4447.71-lp154.2.14.1
Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions.
- CVE-2022-2295Jul 28, 2022affected < 89.0.4447.71-lp154.2.14.1fixed 89.0.4447.71-lp154.2.14.1
Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-2163Jul 28, 2022affected < 89.0.4447.71-lp154.2.14.1fixed 89.0.4447.71-lp154.2.14.1
Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction.
- CVE-2022-2011Jul 28, 2022affected < 88.0.4412.74-lp154.2.11.1fixed 88.0.4412.74-lp154.2.11.1
Use after free in ANGLE in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-2010Jul 28, 2022affected < 88.0.4412.74-lp154.2.11.1fixed 88.0.4412.74-lp154.2.11.1
Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- CVE-2022-2008Jul 28, 2022affected < 88.0.4412.74-lp154.2.11.1fixed 88.0.4412.74-lp154.2.11.1
Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-2007Jul 28, 2022affected < 88.0.4412.74-lp154.2.11.1fixed 88.0.4412.74-lp154.2.11.1
Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-2481Jul 28, 2022affected < 89.0.4447.71-lp154.2.14.1fixed 89.0.4447.71-lp154.2.14.1
Use after free in Views in Google Chrome prior to 103.0.5060.134 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via UI interaction.
- CVE-2022-2480Jul 28, 2022affected < 89.0.4447.71-lp154.2.14.1fixed 89.0.4447.71-lp154.2.14.1
Use after free in Service Worker API in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-2479Jul 28, 2022affected < 89.0.4447.71-lp154.2.14.1fixed 89.0.4447.71-lp154.2.14.1
Insufficient validation of untrusted input in File in Google Chrome on Android prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially sensitive information from internal file directories via a crafted HTML page.
Page 9 of 22