Chrome
by Google
Source repositories
CVEs (5,401)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-1876 | Hig | 0.57 | 8.8 | 0.01 | Jul 27, 2022 | Heap buffer overflow in DevTools in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-1874 | Hig | 0.57 | 8.8 | 0.01 | Jul 27, 2022 | Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page. | ||
| CVE-2022-1870 | Hig | 0.57 | 8.8 | 0.01 | Jul 27, 2022 | Use after free in App Service in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. | ||
| CVE-2022-1866 | Hig | 0.57 | 8.8 | 0.01 | Jul 27, 2022 | Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific user interactions. | ||
| CVE-2022-1865 | Hig | 0.57 | 8.8 | 0.00 | Jul 27, 2022 | Use after free in Bookmarks in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction. | ||
| CVE-2022-1864 | Hig | 0.57 | 8.8 | 0.00 | Jul 27, 2022 | Use after free in WebApp Installs in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction. | ||
| CVE-2022-1863 | Hig | 0.57 | 8.8 | 0.00 | Jul 27, 2022 | Use after free in Tab Groups in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction. | ||
| CVE-2022-1861 | Hig | 0.57 | 8.8 | 0.01 | Jul 27, 2022 | Use after free in Sharing in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific user interaction. | ||
| CVE-2022-1860 | Hig | 0.57 | 8.8 | 0.01 | Jul 27, 2022 | Use after free in UI Foundations in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user interactions. | ||
| CVE-2022-1859 | Hig | 0.57 | 8.8 | 0.01 | Jul 27, 2022 | Use after free in Performance Manager in Google Chrome prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-1857 | Hig | 0.57 | 8.8 | 0.01 | Jul 27, 2022 | Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. | ||
| CVE-2022-1856 | Hig | 0.57 | 8.8 | 0.01 | Jul 27, 2022 | Use after free in User Education in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension or specific user interaction. | ||
| CVE-2022-1855 | Hig | 0.57 | 8.8 | 0.01 | Jul 27, 2022 | Use after free in Messaging in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-1854 | Hig | 0.57 | 8.8 | 0.01 | Jul 27, 2022 | Use after free in ANGLE in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-1641 | Hig | 0.57 | 8.8 | 0.01 | Jul 26, 2022 | Use after free in Web UI Diagnostics in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interaction. | ||
| CVE-2022-1640 | Hig | 0.57 | 8.8 | 0.01 | Jul 26, 2022 | Use after free in Sharing in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-1639 | Hig | 0.57 | 8.8 | 0.01 | Jul 26, 2022 | Use after free in ANGLE in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-1638 | Hig | 0.57 | 8.8 | 0.01 | Jul 26, 2022 | Heap buffer overflow in V8 Internationalization in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-1636 | Hig | 0.57 | 8.8 | 0.01 | Jul 26, 2022 | Use after free in Performance APIs in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2022-1635 | Hig | 0.57 | 8.8 | 0.01 | Jul 26, 2022 | Use after free in Permission Prompts in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interactions. |
- risk 0.57cvss 8.8epss 0.01
Heap buffer overflow in DevTools in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Use after free in App Service in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
- risk 0.57cvss 8.8epss 0.01
Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific user interactions.
- risk 0.57cvss 8.8epss 0.00
Use after free in Bookmarks in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.
- risk 0.57cvss 8.8epss 0.00
Use after free in WebApp Installs in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.
- risk 0.57cvss 8.8epss 0.00
Use after free in Tab Groups in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.
- risk 0.57cvss 8.8epss 0.01
Use after free in Sharing in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific user interaction.
- risk 0.57cvss 8.8epss 0.01
Use after free in UI Foundations in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user interactions.
- risk 0.57cvss 8.8epss 0.01
Use after free in Performance Manager in Google Chrome prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Use after free in User Education in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension or specific user interaction.
- risk 0.57cvss 8.8epss 0.01
Use after free in Messaging in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Use after free in ANGLE in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Use after free in Web UI Diagnostics in Google Chrome on Chrome OS prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interaction.
- risk 0.57cvss 8.8epss 0.01
Use after free in Sharing in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Use after free in ANGLE in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Heap buffer overflow in V8 Internationalization in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Use after free in Performance APIs in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.57cvss 8.8epss 0.01
Use after free in Permission Prompts in Google Chrome prior to 101.0.4951.64 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific user interactions.
Page 57 of 271