CVE-2022-0605 The API in Google Chrome allowed an attacker to exploit heap corruption after an extension is installed and a user is convinced to interact.
An attacker could trick a user to install a malicious extension and convince a user to interact with the page such as clicking on a
CVE-2022-0604 An attacker who convinced a user to install a malicious extension could exploit a heap buffer overflow via a crafted HTML page.
An attacker could also potentially exploit these issues by convincing a user to install a malicious extension.
CVE-2018-6025 Chrome on Android before the 2018Q3 release,
CVE-2022-27226 An issue was found in iRZ Mobile routers' /api/crontab that allows a threat actor to create a crontab entry.
This issue affects all iRZ router models.
iRZ Mobile routers running firmware up to and including 1.1.8 (released on 2019-01-04) are vulnerable. iRZ
CVE-2022-22592 Improved state management was addressed in iOS 15.3, iPadOS 15.3, watchOS 8.4, tvOS 15.3, and Safari 15.3.
This issue is addressed by allowing the X-Frame-Options response header to be set. A maliciously crafted website could exploit this vulnerability to access content protected
CVE-2022-24522 - Understanding the Skype Extension for Chrome Information Disclosure Vulnerability
CVE-2022-24522 is a security vulnerability discovered in the Skype extension for Google Chrome. This bug could allow malicious websites to bypass security controls and gain
Episode
00:00:00
00:00:00