VYPR

Vendor CVEs

Google

All CVEs

11,334 total · sorted by risk
  • CVE-2022-2858HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction.

  • CVE-2022-2857HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2855HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in ANGLE in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2854HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2853HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.02

    Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2852HigSep 26, 2022
    risk 0.57cvss 8.8epss 0.02

    Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2624HigAug 12, 2022
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in PDF in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file.

  • CVE-2022-2623HigAug 12, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Offline in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.

  • CVE-2022-2621HigAug 12, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Extensions in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions.

  • CVE-2022-2620HigAug 12, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebUI in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.

  • CVE-2022-2617HigAug 12, 2022
    risk 0.57cvss 8.8epss 0.00

    Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions.

  • CVE-2022-2614HigAug 12, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2613HigAug 12, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Input in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific UI interactions.

  • CVE-2022-2609HigAug 12, 2022
    risk 0.57cvss 8.8epss 0.00

    Use after free in Nearby Share in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.

  • CVE-2022-2608HigAug 12, 2022
    risk 0.57cvss 8.8epss 0.00

    Use after free in Overview Mode in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.

  • CVE-2022-2607HigAug 12, 2022
    risk 0.57cvss 8.8epss 0.00

    Use after free in Tab Strip in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.

  • CVE-2022-2606HigAug 12, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Managed devices API in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enable a specific Enterprise policy to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2604HigAug 12, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Safe Browsing in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2603HigAug 12, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Omnibox in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-20362HigAug 12, 2022
    risk 0.57cvss 8.8epss 0.00

    In Bluetooth, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android…

  • CVE-2022-20283HigAug 12, 2022
    risk 0.57cvss 8.8epss 0.00

    In Bluetooth, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android…

  • CVE-2022-20254HigAug 12, 2022
    risk 0.57cvss 8.8epss 0.00

    In Wi-Fi, there is a permissions bypass. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-223377547

  • CVE-2022-20347HigAug 10, 2022
    risk 0.57cvss 8.8epss 0.01

    In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2022-20345HigAug 10, 2022
    risk 0.57cvss 8.8epss 0.00

    In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2022-2399HigJul 28, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebGPU in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2481HigJul 28, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Views in Google Chrome prior to 103.0.5060.134 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via UI interaction.

  • CVE-2022-2478HigJul 28, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in PDF in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2477HigJul 28, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Guest View in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2296HigJul 28, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions.

  • CVE-2022-2295HigJul 28, 2022
    risk 0.57cvss 8.8epss 0.01

    Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2163HigJul 28, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction.

  • CVE-2022-2415HigJul 28, 2022
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in WebGL in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2162HigJul 28, 2022
    risk 0.57cvss 8.8epss 0.01

    Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 103.0.5060.53 allowed a remote attacker to bypass file system access via a crafted HTML page.

  • CVE-2022-2161HigJul 28, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebApp Provider in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who convinced the user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.

  • CVE-2022-2158HigJul 28, 2022
    risk 0.57cvss 8.8epss 0.01

    Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2157HigJul 28, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Interest groups in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2156HigJul 28, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Core in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2011HigJul 28, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in ANGLE in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2008HigJul 28, 2022
    risk 0.57cvss 8.8epss 0.01

    Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-2007HigJul 28, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-1919HigJul 28, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Codecs in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-1876HigJul 27, 2022
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in DevTools in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-1874HigJul 27, 2022
    risk 0.57cvss 8.8epss 0.01

    Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page.

  • CVE-2022-1870HigJul 27, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in App Service in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.

  • CVE-2022-1866HigJul 27, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific user interactions.

  • CVE-2022-1865HigJul 27, 2022
    risk 0.57cvss 8.8epss 0.00

    Use after free in Bookmarks in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.

  • CVE-2022-1864HigJul 27, 2022
    risk 0.57cvss 8.8epss 0.00

    Use after free in WebApp Installs in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.

  • CVE-2022-1863HigJul 27, 2022
    risk 0.57cvss 8.8epss 0.00

    Use after free in Tab Groups in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.

  • CVE-2022-1861HigJul 27, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Sharing in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific user interaction.

  • CVE-2022-1860HigJul 27, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in UI Foundations in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific user interactions.

Page 28 of 227