CVE-2022-0801 - Breaking Down the Chrome HTML Parser Bug That Let Hackers Bypass XSS Protection
Chrome is one of the most trusted and widely used web browsers, but even Google’s top engineers can make mistakes. One such slip, tracked
CVE-2022-22761 - How a Firefox & Thunderbird Bug Left Web Extensions Open to Clickjacking Attacks
In early 2022, security researchers discovered a significant vulnerability in Mozilla Firefox, Thunderbird, and the Firefox ESR (Extended Support Release). Known as CVE-2022-22761,
CVE-2022-0511 - How Memory Safety Bugs in Firefox <97 Could Let Attackers Run Code
In early 2022, Mozilla patched serious memory safety bugs in Firefox found by brilliant Mozilla developers and community contributors: Gabriele Svelto, Sebastian Hengst, Randell Jesup,
CVE-2022-26486 An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw.
The issue is triggered when WebGPU is enabled in a site and a malformed message is received by the browser. By sending a malformed message,
CVE-2022-22759 An iframe with sandboxed scripts wouldn't allow scripts if a document append element has a JavaScript event handler.
An iframe can have an event handler that runs scripts on the iframe's parent. The event can be prevented from running by blocking
Episode
00:00:00
00:00:00