CVE's - CVE Vulnerability

CVE

Vendors

Products

Updated

CVSS v2

CVSS v3

CVE-2022-0811

2022-03-28

N/A

8.8 HIGH

A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deployed.

CVE-2022-0809

2023-01-24

N/A

8.8 HIGH

Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2022-0808

2023-01-24

N/A

8.8 HIGH

Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions.

CVE-2022-0807

2022-09-28

N/A

6.5 MEDIUM

Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

CVE-2022-0806

2022-09-28

N/A

6.5 MEDIUM

Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in screen sharing to potentially leak cross-origin data via a crafted HTML page.

CVE-2022-0805

2022-09-28

N/A

8.8 HIGH

Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.

CVE-2022-0804

2022-09-28

N/A

6.5 MEDIUM

Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page.

CVE-2022-0803

Linux, Linux Kernel

Acrn, Audit, Dhcp6c, Direct_connect, Infiniband_hfi1_driver, Ipsec_tools_racoon_daemon, Kernel, Layer_2_tunneling_protocol, Linux_kernel, Linux_kernel_i40e/i40evf

2022-09-28

N/A

6.5 MEDIUM

Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page.

CVE-2022-0802

2022-09-28

N/A

6.5 MEDIUM

Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page.

CVE-2022-0801

2023-01-09

N/A

6.1 MEDIUM

Inappropriate implementation in HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass XSS preventions via a crafted HTML page. (Chrome security severity: Medium)

« Previous 1 … 11,017 11,018 11,019 11,020 11,021 … 11,258 Next »