CVE-2022-4186 - How Chrome’s Download Validation Flaw Opened the Door for Malicious Extensions
---
In late 2022, security researchers uncovered a significant flaw in Google Chrome’s download validation system. Tracked as CVE-2022-4186, this vulnerability exposed unsuspecting users
CVE-2022-4189 An attacker could bypass navigation restrictions in Chrome with a malicious extension if they convince a user to install it.
This issue was fixed in version 108.0.5359.81. In Google Chrome prior to 108.0.5359.71, an attacker could convince a user
CVE-2022-4176 An out of bounds write in Lacros Graphics in Google Chrome on Chrome OS and Lacros prior to 108.0.5359.71 allowed a remote attacker to exploit heap corruption via UI interactions.
This issue was fixed in version 9.5.5.5. The issue existed due to a race condition where the out of bounds write could
CVE-2022-41676 Raiden MAILD Mail Server website mail field has insufficient filtering for user input
The issue is reported in the 'Website Mail Field' plugin that enables users to send email from the website. Users do not have
CVE-2022-3834 - How a Google Forms WordPress Plugin Bug Exposes Sites to Admin XSS Attacks
Security vulnerabilities in WordPress plugins are a known theme, but sometimes they land in surprising places. CVE-2022-3834 is one of those: it hit the popular