Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Google Subscribe
Filtered by product Chrome
Total 3358 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-0806 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2023-08-08 4.3 MEDIUM 6.5 MEDIUM
Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in screen sharing to potentially leak cross-origin data via a crafted HTML page.
CVE-2022-1867 1 Google 1 Chrome 2023-08-08 N/A 6.5 MEDIUM
Insufficient validation of untrusted input in Data Transfer in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass same origin policy via a crafted clipboard content.
CVE-2022-1874 2 Apple, Google 2 Macos, Chrome 2023-08-08 N/A 8.8 HIGH
Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page.
CVE-2022-1146 1 Google 1 Chrome 2023-08-08 N/A 6.5 MEDIUM
Inappropriate implementation in Resource Timing in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2022-1138 1 Google 1 Chrome 2023-08-08 N/A 6.5 MEDIUM
Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2022-3316 1 Google 1 Chrome 2023-08-08 N/A 4.3 MEDIUM
Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass security feature via a crafted HTML page. (Chromium security severity: Low)
CVE-2021-4098 1 Google 1 Chrome 2023-08-08 4.3 MEDIUM 7.4 HIGH
Insufficient data validation in Mojo in Google Chrome prior to 96.0.4664.110 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2022-2742 1 Google 3 Chrome, Chrome Os, Linux And Chrome Os 2023-08-08 N/A 8.8 HIGH
Use after free in Exosphere in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. (Chrome security severity: High)
CVE-2022-3307 1 Google 1 Chrome 2023-08-08 N/A 8.8 HIGH
Use after free in media in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3304 1 Google 1 Chrome 2023-08-08 N/A 8.8 HIGH
Use after free in CSS in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-0610 1 Google 1 Chrome 2023-08-08 6.8 MEDIUM 8.8 HIGH
Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-3318 1 Google 2 Chrome, Chrome Os 2023-08-08 N/A 4.3 MEDIUM
Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to reboot Chrome OS to potentially exploit heap corruption via UI interaction. (Chromium security severity: Low)
CVE-2022-0305 1 Google 1 Chrome 2023-08-08 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.
CVE-2022-0470 1 Google 1 Chrome 2023-08-08 6.8 MEDIUM 8.8 HIGH
Out of bounds memory access in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0301 1 Google 1 Chrome 2023-08-08 6.8 MEDIUM 7.8 HIGH
Heap buffer overflow in DevTools in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-1482 1 Google 1 Chrome 2023-08-08 N/A 6.5 MEDIUM
Inappropriate implementation in WebGL in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21126 2 Google, Microsoft 2 Chrome, Edge Chromium 2023-08-08 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension.
CVE-2021-4100 1 Google 1 Chrome 2023-08-08 6.8 MEDIUM 8.8 HIGH
Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0809 1 Google 1 Chrome 2023-08-08 6.8 MEDIUM 8.8 HIGH
Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0797 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2023-08-08 6.8 MEDIUM 8.8 HIGH
Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.