David Erceg

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 122.0.6261.57 Microsoft Edge (affected versions not specified) **Description** The issue is related to an inappropriate implementation in the Navigation function of the browsers, allowing a remote attacker to bypass existing security restrictions using a specially crafted HTML page. This could potentially lead to security bypasses. The severity of this issue is classified as medium by Chromium. **Recommendations** For Google Chrome versions prior to 122.0.6261.57, update to version 122.0.6261.57 or later to resolve the issue. For Microsoft Edge, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) **Description** The issue is related to synchronization errors when using a shared resource, which can allow an attacker to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) (affected versions not specified) **Description** The issue is related to insufficient input validation in Microsoft Edge. It may allow a remote attacker to execute arbitrary code with elevated privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) (affected versions not specified) **Description** The issue is related to insufficient input validation in Microsoft Edge. It may allow a remote attacker to execute arbitrary code with elevated privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 103.0.5060.53 **Description** The issue is related to insufficient policy enforcement in DevTools, allowing an attacker to obtain potentially sensitive information from a user's local files via a crafted HTML page if a malicious extension is installed. This is a result of inadequate access control restrictions. **Recommendations** For versions prior to 103.0.5060.53, update to version 103.0.5060.53 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) (affected versions not specified) **Description** The issue is related to insufficient input validation in Microsoft Edge, which can be exploited by a remote attacker to execute arbitrary code. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) **Description** The issue is related to synchronization errors when using a shared resource, allowing a remote attacker to potentially elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) (affected versions not specified) **Description** The issue is related to synchronization errors when using a shared resource in Microsoft Edge. It may allow a remote attacker to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 102.0.5005.61 **Description** The issue is related to a use after free vulnerability in the Tab Groups component of Google Chrome. This could allow a remote attacker to impact the confidentiality, integrity, and availability of protected information by exploiting heap corruption via a crafted Chrome Extension and specific user interaction. **Recommendations** For Google Chrome versions prior to 102.0.5005.61, update to version 102.0.5005.61 or later to resolve the issue. As a temporary workaround, consider restricting the installation of extensions to minimize the risk of exploitation. Avoid using crafted Chrome Extensions until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) (affected versions not specified) **Description** The issue is related to insufficient input validation in Microsoft Edge. It may allow a remote attacker to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) (affected versions not specified) **Description** The issue is related to insufficient access controls in Microsoft Edge, allowing a remote attacker to bypass security restrictions, elevate privileges, or execute arbitrary code by opening a specially crafted malicious web page. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) (affected versions not specified) **Description** The issue is related to incorrect code generation management in the browser. It may allow a remote attacker to elevate their privileges using a specially crafted web page. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) (affected versions not specified) **Description** The issue is related to incorrect code generation management in the browser. It can be exploited by a remote attacker using a specially crafted web page to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) (affected versions not specified) **Description** The issue is related to incorrect code generation management in the browser. It can be exploited by a remote attacker using a specially crafted web page to elevate privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) (affected versions not specified) **Description** The issue is related to incorrect code generation management in the browser. It can be exploited by a remote attacker using a specially crafted web page to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) (affected versions not specified) **Description** The issue is related to incorrect code generation management in the browser. It can be exploited by a remote attacker using a specially crafted web page to elevate privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) (affected versions not specified) **Description** The issue is related to incorrect code generation management in the browser. It can be exploited by a remote attacker using a specially crafted web page to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) **Description** The issue is related to incorrect code generation management in the browser, which can be exploited by a remote attacker to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) versions (affected versions not specified) **Description** The issue is related to incorrect code generation management in the browser, allowing a remote attacker to bypass security restrictions and elevate privileges using a specially crafted malicious web page. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (Chromium-based) (affected versions not specified) **Description** The issue is related to insecure privilege management in the browser, which could allow an attacker to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.