CVE-2022-3890: In-depth Analysis of Heap Buffer Overflow in Crashpad Affecting Google Chrome on Android
In this long-read post, we will discuss a security vulnerability with the code identifier CVE-2022-3890, which affects Google Chrome on Android versions prior to 107.
CVE-2022-3886 - Exploiting a Use-After-Free in Chrome Speech Recognition — Deep Dive and PoC
CVE-2022-3886 is a "use-after-free" vulnerability in the Speech Recognition component of Google Chrome, fixed in version 107..5304.106. This bug allowed a
CVE-2022-3889 - Exploiting Type Confusion in Chrome's V8 Engine for Heap Corruption
Summary:
In October 2022, security researchers discovered a high-severity vulnerability — CVE-2022-3889 — in V8, the JavaScript engine used by Google Chrome. This bug, specifically a type
CVE-2022-3888 An attacker can exploit heap corruption in Google Chrome prior to 107.0.5304.106 to gain remote access.
Note that this issue was only fixed in the current Chromium version. Google Chrome prior to version 107.0.5304.106 had a use after
CVE-2022-42956 - PassWork Extension 5..9 Flaw Exposes Master Password
In late 2022, a worrying vulnerability was discovered in the widely-used PassWork password manager browser extension, version 5..9. This security flaw (CVE-2022-42956) affects Chrome
Episode
00:00:00
00:00:00