VYPR

Chrome

by Google

Source repositories

CVEs (5,374)

  • CVE-2022-1875MedJul 27, 2022
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in PDF in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2022-1872MedJul 27, 2022
    risk 0.28cvss 4.3epss 0.00

    Insufficient policy enforcement in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page.

  • CVE-2022-1871MedJul 27, 2022
    risk 0.28cvss 4.3epss 0.00

    Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass file system policy via a crafted HTML page.

  • CVE-2022-1637MedJul 26, 2022
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in Web Contents in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2022-1498MedJul 26, 2022
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2022-1495MedJul 26, 2022
    risk 0.28cvss 4.3epss 0.01

    Incorrect security UI in Downloads in Google Chrome on Android prior to 101.0.4951.41 allowed a remote attacker to spoof the APK downloads dialog via a crafted HTML page.

  • CVE-2022-1488MedJul 26, 2022
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in Extensions API in Google Chrome prior to 101.0.4951.41 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension.

  • CVE-2022-1307MedJul 25, 2022
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in full screen in Google Chrome on Android prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2022-1306MedJul 25, 2022
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in compositing in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2022-0118MedFeb 12, 2022
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in WebShare in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2022-0116MedFeb 12, 2022
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in Compositing in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2022-0112MedFeb 12, 2022
    risk 0.28cvss 4.3epss 0.01

    Incorrect security UI in Browser UI in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to display missing URL or incorrect URL via a crafted URL.

  • CVE-2022-0110MedFeb 12, 2022
    risk 0.28cvss 4.3epss 0.01

    Incorrect security UI in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2021-38020MedDec 23, 2021
    risk 0.28cvss 4.3epss 0.01

    Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2021-38004MedNov 23, 2021
    risk 0.28cvss 4.3epss 0.01

    Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2021-37971MedOct 8, 2021
    risk 0.28cvss 4.3epss 0.01

    Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2021-37968MedOct 8, 2021
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2021-37967MedOct 8, 2021
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page.

  • CVE-2021-37966MedOct 8, 2021
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

  • CVE-2021-37965MedOct 8, 2021
    risk 0.28cvss 4.3epss 0.01

    Inappropriate implementation in Background Fetch API in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

Page 167 of 269