Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Google Subscribe
Filtered by product Chrome
Total 3358 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-21129 2 Google, Microsoft 2 Chrome, Edge Chromium 2022-07-12 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
CVE-2021-21130 2 Google, Microsoft 2 Chrome, Edge Chromium 2022-07-12 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
CVE-2021-21125 2 Google, Microsoft 2 Chrome, Edge Chromium 2022-07-12 5.8 MEDIUM 8.1 HIGH
Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.
CVE-2021-21137 2 Google, Microsoft 2 Chrome, Edge Chromium 2022-06-28 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
CVE-2022-0306 1 Google 1 Chrome 2022-05-11 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6558 4 Apple, Debian, Google and 1 more 5 Iphone Os, Debian Linux, Chrome and 2 more 2022-04-28 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2020-6464 3 Debian, Google, Opensuse 3 Debian Linux, Chrome, Leap 2022-04-26 6.8 MEDIUM 8.8 HIGH
Type confusion in Blink in Google Chrome prior to 81.0.4044.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6459 2 Debian, Google 2 Debian Linux, Chrome 2022-04-26 6.8 MEDIUM 8.8 HIGH
Use after free in payments in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6494 3 Debian, Google, Opensuse 5 Debian Linux, Android, Chrome and 2 more 2022-04-26 4.3 MEDIUM 6.5 MEDIUM
Incorrect security UI in payments in Google Chrome on Android prior to 83.0.4103.97 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2022-0466 1 Google 1 Chrome 2022-04-13 6.8 MEDIUM 9.6 CRITICAL
Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.
CVE-2022-0467 1 Google 1 Chrome 2022-04-12 6.8 MEDIUM 8.8 HIGH
Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2022-0462 1 Google 1 Chrome 2022-04-12 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in Scroll in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2022-0603 1 Google 2 Chrome, Chrome Os 2022-04-12 6.8 MEDIUM 8.8 HIGH
Use after free in File Manager in Google Chrome on Chrome OS prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0459 1 Google 1 Chrome 2022-04-11 6.8 MEDIUM 8.8 HIGH
Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0457 1 Google 1 Chrome 2022-04-11 6.8 MEDIUM 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0605 1 Google 1 Chrome 2022-04-11 6.8 MEDIUM 8.8 HIGH
Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0607 1 Google 1 Chrome 2022-04-11 6.8 MEDIUM 8.8 HIGH
Use after free in GPU in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0452 1 Google 1 Chrome 2022-04-11 6.8 MEDIUM 9.6 CRITICAL
Use after free in Safe Browsing in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CVE-2017-5130 3 Debian, Google, Xmlsoft 3 Debian Linux, Chrome, Libxml2 2022-04-08 6.8 MEDIUM 8.8 HIGH
An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.
CVE-2022-0454 1 Google 1 Chrome 2022-04-08 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in ANGLE in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.