CVE-2022-4174 - Heap Corruption via Type Confusion in Chrome’s V8 Engine (Full Breakdown & Exploit Concept)
Google Chrome’s V8 JavaScript engine is core to the world’s most popular browser, handling all the heavy-lifting for JavaScript execution. On November 29,
CVE-2022-4186 - How Chrome’s Download Validation Flaw Opened the Door for Malicious Extensions
---
In late 2022, security researchers uncovered a significant flaw in Google Chrome’s download validation system. Tracked as CVE-2022-4186, this vulnerability exposed unsuspecting users
CVE-2022-4189 An attacker could bypass navigation restrictions in Chrome with a malicious extension if they convince a user to install it.
This issue was fixed in version 108.0.5359.81. In Google Chrome prior to 108.0.5359.71, an attacker could convince a user
CVE-2022-4176 An out of bounds write in Lacros Graphics in Google Chrome on Chrome OS and Lacros prior to 108.0.5359.71 allowed a remote attacker to exploit heap corruption via UI interactions.
This issue was fixed in version 9.5.5.5. The issue existed due to a race condition where the out of bounds write could
CVE-2022-39338 - How a Nextcloud user_oidc Discovery URL Bug Enabled XSS in Safari
Nextcloud is one of the most popular open-source self-hosted cloud services out there. Like many modern platforms, Nextcloud supports logging in with multiple identity providers
Episode
00:00:00
00:00:00