Total
3671 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-4078 | 2 Debian, Google | 2 Debian Linux, Chrome | 2022-09-27 | 6.8 MEDIUM | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2010-2179 | 3 Adobe, Google, Mozilla | 4 Air, Flash Player, Chrome and 1 more | 2022-09-15 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when Firefox or Chrome is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to URL parsing. | |||||
| CVE-2022-1493 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 8.8 HIGH |
| Use after free in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. | |||||
| CVE-2022-1494 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 6.1 MEDIUM |
| Insufficient data validation in Trusted Types in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass trusted types policy via a crafted HTML page. | |||||
| CVE-2022-1492 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 6.1 MEDIUM |
| Insufficient data validation in Blink Editing in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page. | |||||
| CVE-2022-1490 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 8.8 HIGH |
| Use after free in Browser Switcher in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1491 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 8.8 HIGH |
| Use after free in Bookmarks in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction. | |||||
| CVE-2022-1489 | 1 Google | 2 Chrome, Chrome Os | 2022-09-01 | N/A | 8.8 HIGH |
| Out of bounds memory access in UI Shelf in Google Chrome on Chrome OS, Lacros prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific user interactions. | |||||
| CVE-2022-1488 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Extensions API in Google Chrome prior to 101.0.4951.41 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. | |||||
| CVE-2022-1487 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 7.5 HIGH |
| Use after free in Ozone in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via running a Wayland test. | |||||
| CVE-2022-1232 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 100.0.4896.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1144 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 8.8 HIGH |
| Use after free in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. | |||||
| CVE-2022-1142 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 8.8 HIGH |
| Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. | |||||
| CVE-2022-1143 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 8.8 HIGH |
| Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. | |||||
| CVE-2022-1141 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 8.8 HIGH |
| Use after free in File Manager in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user gesture. | |||||
| CVE-2022-1145 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 7.5 HIGH |
| Use after free in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interaction and profile destruction. | |||||
| CVE-2022-1305 | 1 Google | 1 Chrome | 2022-08-30 | N/A | 8.8 HIGH |
| Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1481 | 2 Apple, Google | 2 Macos, Chrome | 2022-08-30 | N/A | 8.8 HIGH |
| Use after free in Sharing in Google Chrome on Mac prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1486 | 1 Google | 1 Chrome | 2022-08-30 | N/A | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | |||||
| CVE-2022-1483 | 1 Google | 1 Chrome | 2022-08-30 | N/A | 8.8 HIGH |
| Heap buffer overflow in WebGPU in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | |||||