Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Fedoraproject Subscribe
Filtered by product Fedora
Total 4367 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-3058 2 Fedoraproject, Google 2 Fedora, Chrome 2022-10-27 N/A 8.8 HIGH
Use after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction.
CVE-2022-3075 2 Fedoraproject, Google 2 Fedora, Chrome 2022-10-27 N/A 9.6 CRITICAL
Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2022-3056 2 Fedoraproject, Google 2 Fedora, Chrome 2022-10-27 N/A 6.5 MEDIUM
Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to bypass content security policy via a crafted HTML page.
CVE-2022-3071 2 Fedoraproject, Google 4 Fedora, Chrome, Chrome Os and 1 more 2022-10-27 N/A 8.8 HIGH
Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction.
CVE-2022-3055 2 Fedoraproject, Google 2 Fedora, Chrome 2022-10-27 N/A 8.8 HIGH
Use after free in Passwords in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-3054 2 Fedoraproject, Google 2 Fedora, Chrome 2022-10-27 N/A 6.5 MEDIUM
Insufficient policy enforcement in DevTools in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-3040 2 Fedoraproject, Google 2 Fedora, Chrome 2022-10-27 N/A 8.8 HIGH
Use after free in Layout in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-3041 2 Fedoraproject, Google 2 Fedora, Chrome 2022-10-27 N/A 8.8 HIGH
Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-3042 2 Fedoraproject, Google 3 Fedora, Chrome, Chrome Os 2022-10-27 N/A 8.8 HIGH
Use after free in PhoneHub in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2861 2 Fedoraproject, Google 2 Fedora, Chrome 2022-10-27 N/A 6.5 MEDIUM
Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.101 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts into WebUI via a crafted HTML page.
CVE-2022-3039 2 Fedoraproject, Google 2 Fedora, Chrome 2022-10-27 N/A 8.8 HIGH
Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-3038 2 Fedoraproject, Google 2 Fedora, Chrome 2022-10-27 N/A 8.8 HIGH
Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-3050 2 Fedoraproject, Google 3 Fedora, Chrome, Chrome Os 2022-10-27 N/A 8.8 HIGH
Heap buffer overflow in WebUI in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions.
CVE-2022-3047 2 Fedoraproject, Google 2 Fedora, Chrome 2022-10-27 N/A 6.5 MEDIUM
Insufficient policy enforcement in Extensions API in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page.
CVE-2022-3048 2 Fedoraproject, Google 3 Fedora, Chrome, Chrome Os 2022-10-27 N/A 6.8 MEDIUM
Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a local attacker to bypass lockscreen navigation restrictions via physical access to the device.
CVE-2022-3045 2 Fedoraproject, Google 2 Fedora, Chrome 2022-10-27 N/A 8.8 HIGH
Insufficient validation of untrusted input in V8 in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-3046 2 Fedoraproject, Google 2 Fedora, Chrome 2022-10-27 N/A 8.8 HIGH
Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-3044 2 Fedoraproject, Google 2 Fedora, Chrome 2022-10-27 N/A 6.5 MEDIUM
Inappropriate implementation in Site Isolation in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.
CVE-2022-2860 2 Fedoraproject, Google 2 Fedora, Chrome 2022-10-27 N/A 6.5 MEDIUM
Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to bypass cookie prefix restrictions via a crafted HTML page.
CVE-2022-3043 2 Fedoraproject, Google 3 Fedora, Chrome, Chrome Os 2022-10-27 N/A 8.8 HIGH
Heap buffer overflow in Screen Capture in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.