Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Google Subscribe
Filtered by product Chrome
Total 3628 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-0128 1 Google 2 Chrome, Chrome Os 2024-11-21 N/A 8.8 HIGH
Use after free in Overview Mode in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-4955 1 Google 1 Chrome 2024-11-21 N/A 6.5 MEDIUM
Inappropriate implementation in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-4926 2 Fedoraproject, Google 3 Fedora, Android, Chrome 2024-11-21 N/A 6.5 MEDIUM
Insufficient policy enforcement in Intents in Google Chrome on Android prior to 109.0.5414.119 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-4925 1 Google 1 Chrome 2024-11-21 N/A 6.5 MEDIUM
Insufficient validation of untrusted input in QUIC in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to perform header splitting via malicious network traffic. (Chromium security severity: Low)
CVE-2022-4924 1 Google 1 Chrome 2024-11-21 N/A 9.6 CRITICAL
Use after free in WebRTC in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2022-4923 1 Google 1 Chrome 2024-11-21 N/A 3.1 LOW
Inappropriate implementation in Omnibox in Google Chrome prior to 99.0.4844.51 allowed an attacker in a privileged network position to perform a man-in-the-middle attack via malicious network traffic. (Chromium security severity: Low)
CVE-2022-4922 1 Google 1 Chrome 2024-11-21 N/A 6.5 MEDIUM
Inappropriate implementation in Blink in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-4921 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Accessibility in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low)
CVE-2022-4920 1 Google 1 Chrome 2024-11-21 N/A 9.6 CRITICAL
Heap buffer overflow in Blink in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2022-4919 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Base Internals in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
CVE-2022-4918 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in UI in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-4917 2 Fedoraproject, Google 3 Fedora, Android, Chrome 2024-11-21 N/A 4.3 MEDIUM
Incorrect security UI in Notifications in Google Chrome on Android prior to 103.0.5060.53 allowed a remote attacker to obscure the full screen notification via a crafted HTML page. (Chromium security severity: Low)
CVE-2022-4916 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Media in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
CVE-2022-4915 1 Google 1 Chrome 2024-11-21 N/A 6.5 MEDIUM
Inappropriate implementation in URL Formatting in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-4914 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Heap buffer overflow in PrintPreview in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-4913 1 Google 1 Chrome 2024-11-21 N/A 6.5 MEDIUM
Inappropriate implementation in Extensions in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who had compromised the renderer process to spoof extension storage via a crafted HTML page. (Chromium security severity: High)
CVE-2022-4912 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Type Confusion in MathML in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-4911 1 Google 1 Chrome 2024-11-21 N/A 6.5 MEDIUM
Insufficient data validation in DevTools in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2022-4910 1 Google 1 Chrome 2024-11-21 N/A 5.4 MEDIUM
Inappropriate implementation in Autofill in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-4909 1 Google 1 Chrome 2024-11-21 N/A 6.3 MEDIUM
Inappropriate implementation in XML in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially perform an ASLR bypass via a crafted HTML page. (Chromium security severity: Low)