Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fedoraproject fedora 36 vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-23414
This affects the package video.js prior to 7.14.3. The src attribute of track tag allows to bypass HTML escaping and execute arbitrary code.
Videojs Video.js
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
8.8
CVSSv3
CVE-2022-0096
Use after free in Storage in Google Chrome before 97.0.4692.71 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
9.6
CVSSv3
CVE-2022-0097
Inappropriate implementation in DevTools in Google Chrome before 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
8.8
CVSSv3
CVE-2022-0099
Use after free in Sign-in in Google Chrome before 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.
Google Chrome
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
8.8
CVSSv3
CVE-2022-0102
Type confusion in V8 in Google Chrome before 97.0.4692.71 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
8.8
CVSSv3
CVE-2022-0106
Use after free in Autofill in Google Chrome before 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
8.8
CVSSv3
CVE-2022-0107
Use after free in File Manager API in Google Chrome on Chrome OS before 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
6.5
CVSSv3
CVE-2022-0108
Inappropriate implementation in Navigation in Google Chrome before 97.0.4692.71 allowed a remote malicious user to leak cross-origin data via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
6.5
CVSSv3
CVE-2022-0109
Inappropriate implementation in Autofill in Google Chrome before 97.0.4692.71 allowed a remote malicious user to obtain potentially sensitive information via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
6.5
CVSSv3
CVE-2022-0111
Inappropriate implementation in Navigation in Google Chrome before 97.0.4692.71 allowed a remote malicious user to incorrectly set origin via a crafted HTML page.
Google Chrome
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »