VYPR

Vendor CVEs

Google

All CVEs

11,351 total · sorted by risk
  • CVE-2022-0106HigFeb 12, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-0105HigFeb 12, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in PDF Accessibility in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-0104HigFeb 12, 2022
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in ANGLE in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-0103HigFeb 12, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in SwiftShader in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-0102HigFeb 12, 2022
    risk 0.57cvss 8.8epss 0.01

    Type confusion in V8 in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-0101HigFeb 12, 2022
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via specific user gesture.

  • CVE-2022-0100HigFeb 12, 2022
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in Media streams API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-0099HigFeb 12, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture.

  • CVE-2022-0098HigFeb 12, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures.

  • CVE-2022-0096HigFeb 12, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-4101HigFeb 11, 2022
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-4100HigFeb 11, 2022
    risk 0.57cvss 8.8epss 0.01

    Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-4099HigFeb 11, 2022
    risk 0.57cvss 8.8epss 0.01

    Use after free in Swiftshader in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-4079HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via crafted WebRTC packets.

  • CVE-2021-4078HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-4067HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-4066HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-4065HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-4064HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-4063HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-4062HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-4061HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-4058HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-4057HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.02

    Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-4056HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-4055HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.

  • CVE-2021-4053HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-4052HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.

  • CVE-2021-38017HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

  • CVE-2021-38016HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass same origin policy via a crafted HTML page.

  • CVE-2021-38015HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Inappropriate implementation in input in Google Chrome prior to 96.0.4664.45 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.

  • CVE-2021-38014HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-38012HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-38011HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-38008HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-38007HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-38006HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-38005HigDec 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-0967HigDec 15, 2021
    risk 0.57cvss 8.8epss 0.01

    In vorbis_book_decodev_set of codebook.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:…

  • CVE-2021-0965HigDec 15, 2021
    risk 0.57cvss 8.8epss 0.00

    In AndroidManifest.xml of Settings, there is a possible pairing of a Bluetooth device without user's consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for…

  • CVE-2021-0930HigDec 15, 2021
    risk 0.57cvss 8.8epss 0.01

    In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…

  • CVE-2021-37998HigNov 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-37997HigNov 23, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2018-6122HigNov 2, 2021
    risk 0.57cvss 8.8epss 0.01

    Type confusion in WebAssembly in Google Chrome prior to 66.0.3359.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-37993HigNov 2, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-37992HigNov 2, 2021
    risk 0.57cvss 8.8epss 0.01

    Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-37988HigNov 2, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-37987HigNov 2, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-37986HigNov 2, 2021
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-37985HigNov 2, 2021
    risk 0.57cvss 8.8epss 0.01

    Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page.

Page 31 of 228