VYPR

Vendor CVEs

Google

All CVEs

11,338 total · sorted by risk
  • CVE-2022-4919HigJul 29, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Base Internals in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-4918HigJul 29, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in UI in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2022-4916HigJul 29, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Media in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-4914HigJul 29, 2023
    risk 0.57cvss 8.8epss 0.00

    Heap buffer overflow in PrintPreview in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2022-4912HigJul 29, 2023
    risk 0.57cvss 8.8epss 0.01

    Type Confusion in MathML in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-4907HigJul 29, 2023
    risk 0.57cvss 8.8epss 0.01

    Uninitialized Use in FFmpeg in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2021-4322HigJul 29, 2023
    risk 0.57cvss 8.8epss 0.00

    Use after free in DevTools in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium)

  • CVE-2021-4320HigJul 29, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Blink in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2021-4319HigJul 29, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2021-4318HigJul 29, 2023
    risk 0.57cvss 8.8epss 0.01

    Object corruption in Blink in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2021-4317HigJul 29, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-3598HigJul 28, 2023
    risk 0.57cvss 8.8epss 0.01

    Out of bounds read and write in ANGLE in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-3422HigJun 26, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Guest View in Google Chrome prior to 114.0.5735.198 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-3421HigJun 26, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Media in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-21127HigJun 15, 2023
    risk 0.57cvss 8.8epss 0.00

    In readSampleData of NuMediaExtractor.cpp, there is a possible out of bounds write due to uninitialized data. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11…

  • CVE-2023-21115HigJun 15, 2023
    risk 0.57cvss 8.8epss 0.00

    In btm_sec_encrypt_change of btm_sec.cc, there is a possible way to downgrade the link key type due to improperly used crypto. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2023-21108HigJun 15, 2023
    risk 0.57cvss 8.8epss 0.00

    In sdpu_build_uuid_seq of sdp_discovery.cc, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2023-3216HigJun 13, 2023
    risk 0.57cvss 8.8epss 0.01

    Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-3214HigJun 13, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2023-2934HigMay 30, 2023
    risk 0.57cvss 8.8epss 0.01

    Out of bounds memory access in Mojo in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-2933HigMay 30, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

  • CVE-2023-2932HigMay 30, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

  • CVE-2023-2931HigMay 30, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

  • CVE-2023-2930HigMay 30, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Extensions in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-2929HigMay 30, 2023
    risk 0.57cvss 8.8epss 0.01

    Out of bounds write in Swiftshader in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-2726HigMay 16, 2023
    risk 0.57cvss 8.8epss 0.01

    Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-2722HigMay 16, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-2721HigMay 16, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2023-2458HigMay 12, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in ChromeOS Camera in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via UI interaction. (Chromium security severity: High)

  • CVE-2023-2457HigMay 12, 2023
    risk 0.57cvss 8.8epss 0.00

    Out of bounds write in ChromeOS Audio Server in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker to potentially exploit heap corruption via crafted audio file. (Chromium security severity: High)

  • CVE-2023-2461HigMay 3, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in OS Inputs in Google Chrome on ChromeOS prior to 113.0.5672.63 allowed a remote attacker who convinced a user to enage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium)

  • CVE-2023-21085HigApr 19, 2023
    risk 0.57cvss 8.8epss 0.00

    In nci_snd_set_routing_cmd of nci_hmsgs.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2023-2137HigApr 19, 2023
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-2134HigApr 19, 2023
    risk 0.57cvss 8.8epss 0.01

    Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-2133HigApr 19, 2023
    risk 0.57cvss 8.8epss 0.01

    Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-1820HigApr 4, 2023
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in Browser History in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-1818HigApr 4, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Vulkan in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-1815HigApr 4, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Networking APIs in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-1812HigApr 4, 2023
    risk 0.57cvss 8.8epss 0.01

    Out of bounds memory access in DOM Bindings in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-1811HigApr 4, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-1810HigApr 4, 2023
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in Visuals in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-20960HigMar 24, 2023
    risk 0.57cvss 8.8epss 0.00

    In launchDeepLinkIntentToRight of SettingsHomepageActivity.java, there is a possible way to launch arbitrary activities due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for…

  • CVE-2023-1534HigMar 21, 2023
    risk 0.57cvss 8.8epss 0.01

    Out of bounds read in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-1533HigMar 21, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebProtect in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-1532HigMar 21, 2023
    risk 0.57cvss 8.8epss 0.01

    Out of bounds read in GPU Video in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-1531HigMar 21, 2023
    risk 0.57cvss 8.8epss 0.03

    Use after free in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-1530HigMar 21, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in PDF in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-1528HigMar 21, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Passwords in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-1227HigMar 7, 2023
    risk 0.57cvss 8.8epss 0.00

    Use after free in Core in Google Chrome on Lacros prior to 111.0.5563.64 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium)

  • CVE-2023-1222HigMar 7, 2023
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in Web Audio API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Page 25 of 227