CVE-2022-3886 - Exploiting a Use-After-Free in Chrome Speech Recognition — Deep Dive and PoC
CVE-2022-3886 is a "use-after-free" vulnerability in the Speech Recognition component of Google Chrome, fixed in version 107..5304.106. This bug allowed a
CVE-2022-3889 - Exploiting Type Confusion in Chrome's V8 Engine for Heap Corruption
Summary:
In October 2022, security researchers discovered a high-severity vulnerability — CVE-2022-3889 — in V8, the JavaScript engine used by Google Chrome. This bug, specifically a type
CVE-2022-3888 An attacker can exploit heap corruption in Google Chrome prior to 107.0.5304.106 to gain remote access.
Note that this issue was only fixed in the current Chromium version. Google Chrome prior to version 107.0.5304.106 had a use after
CVE-2022-20450 - Android Local Privilege Escalation via Missing Permission Check in PermissionManagerServiceImpl
In November 2022, a new vulnerability—CVE-2022-20450—was disclosed by Google affecting multiple versions of Android. This vulnerability allows malicious local apps to escalate their
CVE-2022-20463 - How a Logic Error in Android’s WifiServiceImpl Lets WiFi Settings Survive a Factory Reset
If you’ve ever wiped your Android device expecting it to start over as new, you trust that all your custom settings—networks, logins, and
Episode
00:00:00
00:00:00