Total
3671 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-1867 | 1 Google | 1 Chrome | 2023-08-08 | N/A | 6.5 MEDIUM |
| Insufficient validation of untrusted input in Data Transfer in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass same origin policy via a crafted clipboard content. | |||||
| CVE-2022-1874 | 2 Apple, Google | 2 Macos, Chrome | 2023-08-08 | N/A | 8.8 HIGH |
| Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page. | |||||
| CVE-2022-0799 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2023-08-08 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file. | |||||
| CVE-2022-1139 | 1 Google | 1 Chrome | 2023-08-08 | N/A | 6.5 MEDIUM |
| Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2022-0610 | 1 Google | 1 Chrome | 2023-08-08 | 6.8 MEDIUM | 8.8 HIGH |
| Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0797 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2023-08-08 | 6.8 MEDIUM | 8.8 HIGH |
| Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. | |||||
| CVE-2022-3318 | 1 Google | 2 Chrome, Chrome Os | 2023-08-08 | N/A | 4.3 MEDIUM |
| Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to reboot Chrome OS to potentially exploit heap corruption via UI interaction. (Chromium security severity: Low) | |||||
| CVE-2021-21126 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2023-08-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. | |||||
| CVE-2022-1482 | 1 Google | 1 Chrome | 2023-08-08 | N/A | 6.5 MEDIUM |
| Inappropriate implementation in WebGL in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0301 | 1 Google | 1 Chrome | 2023-08-08 | 6.8 MEDIUM | 7.8 HIGH |
| Heap buffer overflow in DevTools in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0809 | 1 Google | 1 Chrome | 2023-08-08 | 6.8 MEDIUM | 8.8 HIGH |
| Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-4100 | 1 Google | 1 Chrome | 2023-08-08 | 6.8 MEDIUM | 8.8 HIGH |
| Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0305 | 1 Google | 1 Chrome | 2023-08-08 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. | |||||
| CVE-2022-0470 | 1 Google | 1 Chrome | 2023-08-08 | 6.8 MEDIUM | 8.8 HIGH |
| Out of bounds memory access in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2023-3729 | 1 Google | 2 Chrome, Chrome Os | 2023-08-04 | N/A | 8.8 HIGH |
| Use after free in Splitscreen in Google Chrome on ChromeOS prior to 115.0.5790.131 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. (Chromium security severity: High) | |||||
| CVE-2023-3497 | 1 Google | 2 Chrome, Chrome Os | 2023-07-29 | N/A | 4.6 MEDIUM |
| Out of bounds read in Google Security Processor firmware in Google Chrome on Chrome OS prior to 114.0.5735.90 allowed a local attacker to perform denial of service via physical access to the device. (Chromium security severity: Medium) | |||||
| CVE-2013-6629 | 9 Artifex, Canonical, Debian and 6 more | 12 Gpl Ghostscript, Ubuntu Linux, Debian Linux and 9 more | 2023-06-21 | 5.0 MEDIUM | N/A |
| The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. | |||||
| CVE-2022-1134 | 1 Google | 1 Chrome | 2023-06-12 | N/A | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-3445 | 1 Google | 1 Chrome | 2023-05-03 | N/A | 8.8 HIGH |
| Use after free in Skia in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-1221 | 1 Google | 1 Chrome | 2023-03-11 | N/A | 4.3 MEDIUM |
| Insufficient policy enforcement in Extensions API in Google Chrome prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium) | |||||