VYPR

Vendor CVEs

Google

All CVEs

11,335 total · sorted by risk
  • CVE-2022-4177HigNov 30, 2022
    risk 0.57cvss 8.8epss 0.00

    Use after free in Extensions in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install an extension to potentially exploit heap corruption via a crafted Chrome Extension and UI interaction. (Chromium security severity: High)

  • CVE-2022-4176HigNov 30, 2022
    risk 0.57cvss 8.8epss 0.01

    Out of bounds write in Lacros Graphics in Google Chrome on Chrome OS and Lacros prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. (Chromium security severity:…

  • CVE-2022-4175HigNov 30, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Camera Capture in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-4174HigNov 30, 2022
    risk 0.57cvss 8.8epss 0.01

    Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3450HigNov 9, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Peer Connection in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3449HigNov 9, 2022
    risk 0.57cvss 8.8epss 0.00

    Use after free in Safe Browsing in Google Chrome prior to 106.0.5249.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)

  • CVE-2022-3448HigNov 9, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Permissions API in Google Chrome prior to 106.0.5249.119 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3446HigNov 9, 2022
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in WebSQL in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3445HigNov 9, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Skia in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3889HigNov 9, 2022
    risk 0.57cvss 8.8epss 0.01

    Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3888HigNov 9, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebCodecs in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3887HigNov 9, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Web Workers in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3886HigNov 9, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Speech Recognition in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3885HigNov 9, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3659HigNov 1, 2022
    risk 0.57cvss 8.8epss 0.00

    Use after free in Accessibility in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. (Chromium security severity: Medium)

  • CVE-2022-3658HigNov 1, 2022
    risk 0.57cvss 8.8epss 0.00

    Use after free in Feedback service on Chrome OS in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)

  • CVE-2022-3657HigNov 1, 2022
    risk 0.57cvss 8.8epss 0.00

    Use after free in Extensions in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)

  • CVE-2022-3656HigNov 1, 2022
    risk 0.57cvss 8.8epss 0.02

    Insufficient data validation in File System in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2022-3655HigNov 1, 2022
    risk 0.57cvss 8.8epss 0.00

    Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2022-3653HigNov 1, 2022
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in Vulkan in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3652HigNov 1, 2022
    risk 0.57cvss 8.8epss 0.01

    Type confusion in V8 in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3315HigNov 1, 2022
    risk 0.57cvss 8.8epss 0.01

    Type confusion in Blink in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2022-3307HigNov 1, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in media in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3306HigNov 1, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3305HigNov 1, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3304HigNov 1, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in CSS in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3373HigNov 1, 2022
    risk 0.57cvss 8.8epss 0.01

    Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3370HigNov 1, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Custom Elements in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-20429HigOct 11, 2022
    risk 0.57cvss 8.8epss 0.00

    In CarSettings of app packages, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-3200HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3199HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.02

    Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3198HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

  • CVE-2022-3197HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

  • CVE-2022-3196HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)

  • CVE-2022-3195HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-3071HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.00

    Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction.

  • CVE-2022-3058HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction.

  • CVE-2022-3055HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Passwords in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-3052HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in Window Manager in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions.

  • CVE-2022-3051HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in Exosphere in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions.

  • CVE-2022-3050HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in WebUI in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions.

  • CVE-2022-3049HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in SplitScreen in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-3046HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-3045HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Insufficient validation of untrusted input in V8 in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-3043HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in Screen Capture in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-3042HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.00

    Use after free in PhoneHub in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-3041HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-3040HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Layout in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-3039HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2859HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Chrome OS Shell in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions.

Page 27 of 227