Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Google Subscribe
Filtered by product Chrome
Total 3358 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-2743 1 Google 3 Chrome, Chrome Os, Linux And Chrome Os 2023-01-09 N/A 8.8 HIGH
Integer overflow in Window Manager in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out of bounds memory write via crafted UI interactions. (Chrome security severity: High)
CVE-2022-3842 1 Google 1 Chrome 2023-01-09 N/A 7.5 HIGH
Use after free in Passwords in Google Chrome prior to 105.0.5195.125 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3863 1 Google 1 Chrome 2023-01-09 N/A 6.1 MEDIUM
Use after free in Browser History in Google Chrome prior to 100.0.4896.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)
CVE-2022-3309 1 Google 2 Chrome, Chrome Os 2022-12-09 N/A 6.5 MEDIUM
Use after free in assistant in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: Medium)
CVE-2022-3311 1 Google 1 Chrome 2022-12-09 N/A 6.5 MEDIUM
Use after free in import in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-3310 1 Google 2 Android, Chrome 2022-12-09 N/A 6.5 MEDIUM
Insufficient policy enforcement in custom tabs in Google Chrome on Android prior to 106.0.5249.62 allowed an attacker who convinced the user to install an application to bypass same origin policy via a crafted application. (Chromium security severity: Medium)
CVE-2022-3308 1 Google 1 Chrome 2022-12-09 N/A 7.4 HIGH
Insufficient policy enforcement in developer tools in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-3306 1 Google 2 Chrome, Chrome Os 2022-12-09 N/A 8.8 HIGH
Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3305 1 Google 2 Chrome, Chrome Os 2022-12-09 N/A 8.8 HIGH
Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3655 1 Google 1 Chrome 2022-12-09 N/A 8.8 HIGH
Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-3654 1 Google 1 Chrome 2022-12-09 N/A 8.8 HIGH
Use after free in Layout in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3653 1 Google 1 Chrome 2022-12-09 N/A 8.8 HIGH
Heap buffer overflow in Vulkan in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3652 1 Google 1 Chrome 2022-12-09 N/A 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3656 1 Google 1 Chrome 2022-12-09 N/A 8.8 HIGH
Insufficient data validation in File System in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-3657 1 Google 1 Chrome 2022-12-09 N/A 8.8 HIGH
Use after free in Extensions in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)
CVE-2022-3658 1 Google 2 Chrome, Chrome Os 2022-12-09 N/A 8.8 HIGH
Use after free in Feedback service on Chrome OS in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)
CVE-2022-3659 1 Google 2 Chrome, Chrome Os 2022-12-09 N/A 8.8 HIGH
Use after free in Accessibility in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. (Chromium security severity: Medium)
CVE-2022-3315 1 Google 1 Chrome 2022-12-08 N/A 8.8 HIGH
Type confusion in Blink in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)
CVE-2022-3314 1 Google 1 Chrome 2022-12-08 N/A 6.5 MEDIUM
Use after free in logging in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-3313 1 Google 1 Chrome 2022-12-08 N/A 6.5 MEDIUM
Incorrect security UI in full screen in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)