Filtered by vendor Google
Subscribe
Total
12830 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-1310 | 1 Google | 1 Chrome | 2022-08-30 | N/A | 8.8 HIGH |
| Use after free in regular expressions in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1307 | 1 Google | 2 Android, Chrome | 2022-08-30 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in full screen in Google Chrome on Android prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
| CVE-2022-1308 | 1 Google | 1 Chrome | 2022-08-30 | N/A | 8.8 HIGH |
| Use after free in BFCache in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1306 | 1 Google | 1 Chrome | 2022-08-30 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in compositing in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
| CVE-2022-1309 | 1 Google | 1 Chrome | 2022-08-30 | N/A | 9.6 CRITICAL |
| Insufficient policy enforcement in developer tools in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2022-1313 | 1 Google | 1 Chrome | 2022-08-30 | N/A | 8.8 HIGH |
| Use after free in tab groups in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1478 | 1 Google | 1 Chrome | 2022-08-30 | N/A | 8.8 HIGH |
| Use after free in SwiftShader in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1479 | 1 Google | 1 Chrome | 2022-08-30 | N/A | 8.8 HIGH |
| Use after free in ANGLE in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1477 | 1 Google | 1 Chrome | 2022-08-30 | N/A | 8.8 HIGH |
| Use after free in Vulkan in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-1312 | 1 Google | 1 Chrome | 2022-08-30 | N/A | 9.6 CRITICAL |
| Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | |||||
| CVE-2022-1311 | 1 Google | 2 Chrome, Chrome Os | 2022-08-30 | N/A | 8.8 HIGH |
| Use after free in shell in Google Chrome on ChromeOS prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-20122 | 1 Google | 1 Android | 2022-08-29 | N/A | 9.8 CRITICAL |
| The PowerVR GPU driver allows unprivileged apps to allocated pinned memory, unpin it (which makes it available to be freed), and continue using the page in GPU calls. No privileges required and this results in kernel memory corruption.Product: AndroidVersions: Android SoCAndroid ID: A-232441339 | |||||
| CVE-2021-39815 | 1 Google | 1 Android | 2022-08-29 | N/A | 9.8 CRITICAL |
| The PowerVR GPU driver allows unprivileged apps to allocated pinned memory, unpin it (which makes it available to be freed), and continue using the page in GPU calls. No privileges required and this results in kernel memory corruption.Product: AndroidVersions: Android SoCAndroid ID: A-232440670 | |||||
| CVE-2021-0891 | 1 Google | 1 Android | 2022-08-27 | N/A | 7.5 HIGH |
| An unprivileged app can trigger PowerVR driver to return an uninitialized heap memory causing information disclosure.Product: AndroidVersions: Android SoCAndroid ID: A-236849490 | |||||
| CVE-2021-0698 | 1 Google | 1 Android | 2022-08-25 | N/A | 5.5 MEDIUM |
| In PVRSRVBridgeHeapCfgHeapDetails, there is a possible leak of kernel heap content due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-236848165 | |||||
| CVE-2021-0887 | 1 Google | 1 Android | 2022-08-25 | N/A | 5.5 MEDIUM |
| In PVRSRVBridgeHeapCfgHeapConfigName, there is a possible leak of kernel heap content due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-236848817 | |||||
| CVE-2021-25356 | 1 Google | 1 Android | 2022-08-24 | 7.2 HIGH | 8.8 HIGH |
| An improper caller check vulnerability in Managed Provisioning prior to SMR APR-2021 Release 1 allows unprivileged application to install arbitrary application, grant device admin permission and then delete several installed application. | |||||
| CVE-2022-20325 | 1 Google | 1 Android | 2022-08-18 | N/A | 7.8 HIGH |
| In Media, there is a possible code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-186473060 | |||||
| CVE-2022-20324 | 1 Google | 1 Android | 2022-08-18 | N/A | 5.5 MEDIUM |
| In Framework, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-187042120 | |||||
| CVE-2022-20319 | 1 Google | 1 Android | 2022-08-18 | N/A | 7.8 HIGH |
| In DreamServices, there is a possible way to launch arbitrary protected activities due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-189574230 | |||||