VYPR

Chrome

by Google

Source repositories

CVEs (5,374)

  • CVE-2022-1867MedJul 27, 2022
    risk 0.42cvss 6.5epss 0.01

    Insufficient validation of untrusted input in Data Transfer in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass same origin policy via a crafted clipboard content.

  • CVE-2022-1862MedJul 27, 2022
    risk 0.42cvss 6.5epss 0.00

    Inappropriate implementation in Extensions in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass profile restrictions via a crafted HTML page.

  • CVE-2022-1858MedJul 27, 2022
    risk 0.42cvss 6.5epss 0.01

    Out of bounds read in DevTools in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform an out of bounds memory read via specific user interaction.

  • CVE-2022-1501MedJul 26, 2022
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in iframe in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2022-1500MedJul 26, 2022
    risk 0.42cvss 6.5epss 0.01

    Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy via a crafted HTML page.

  • CVE-2022-1497MedJul 26, 2022
    risk 0.42cvss 6.5epss 0.00

    Inappropriate implementation in Input in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to spoof the contents of cross-origin websites via a crafted HTML page.

  • CVE-2022-1482MedJul 26, 2022
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in WebGL in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-1146MedJul 23, 2022
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in Resource Timing in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2022-1139MedJul 23, 2022
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2022-1138MedJul 23, 2022
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2022-1137MedJul 23, 2022
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to leak potentially sensitive information via a crafted HTML page.

  • CVE-2022-1129MedJul 23, 2022
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2022-1128MedJul 23, 2022
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page.

  • CVE-2022-0807MedApr 5, 2022
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

  • CVE-2022-0806MedApr 5, 2022
    risk 0.42cvss 6.5epss 0.01

    Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in screen sharing to potentially leak cross-origin data via a crafted HTML page.

  • CVE-2022-0804MedApr 5, 2022
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2022-0803MedApr 5, 2022
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2022-0802MedApr 5, 2022
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2022-0792MedApr 5, 2022
    risk 0.42cvss 6.5epss 0.01

    Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-0462MedApr 5, 2022
    risk 0.42cvss 6.5epss 0.01

    Inappropriate implementation in Scroll in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Page 127 of 269