CVE-2021-27862 Filtering on the Layer 2 network can be bypassed using invalid LLC/SNAP headers and Ethernet to Wifi frame conversion.
These types of bypasses are possible if the device that is being targeted is running an operating system that supports these Layer 2 technologies. Operating
CVE-2022-3050 Heap buffer overflow in WebUI in Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to exploit heap corruption.
CVE-2018-5602 has been assigned to this issue. Google confirmed this vulnerability was limited to privileged users who had full control of the browser, rather than
CVE-2022-3046 An attacker who convinced a user to install a malicious extension could exploit heap corruption after an After Free in Google Chrome 105.0.5195.52.
Google advised users to always install extensions from trusted sources and avoid clicking on them unless they are known to be safe. Google Chrome prior
CVE-2022-3040 An after free vulnerability in Layout in Google Chrome before 105.0.5195.52 could lead to heap corruption.
Note that this issue was with the media plugin and has fixed in the latest media release. CVE-2018-6109 In Google Chrome prior to 105.0.
CVE-2022-3197 An after free vulnerability in Google Chrome could be exploited to cause heap corruption.
CVE-2018-6050 was assigned this issue. As of writing this advisory, it is still unclear whether this issue can be exploited to achieve remote code execution.
Episode
00:00:00
00:00:00