Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Google Subscribe
Total 10294 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-37995 2 Debian, Google 2 Debian Linux, Chrome 2022-02-28 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2021-38007 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2022-02-28 6.8 MEDIUM 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-38008 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2022-02-28 6.8 MEDIUM 8.8 HIGH
Use after free in media in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-38009 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2022-02-28 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-38011 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2022-02-28 6.8 MEDIUM 8.8 HIGH
Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-38006 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2022-02-28 6.8 MEDIUM 8.8 HIGH
Use after free in storage foundation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-37999 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2022-02-28 4.3 MEDIUM 6.1 MEDIUM
Insufficient data validation in New Tab Page in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to inject arbitrary scripts or HTML in a new browser tab via a crafted HTML page.
CVE-2021-38005 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2022-02-28 6.8 MEDIUM 8.8 HIGH
Use after free in loader in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-38001 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2022-02-28 6.8 MEDIUM 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-38000 3 Debian, Fedoraproject, Google 4 Debian Linux, Fedora, Android and 1 more 2022-02-28 5.8 MEDIUM 6.1 MEDIUM
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.
CVE-2021-37997 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2022-02-28 6.8 MEDIUM 8.8 HIGH
Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allowed a remote attacker who convinced a user to sign into Chrome to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-37998 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2022-02-28 6.8 MEDIUM 8.8 HIGH
Use after free in Garbage Collection in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-38002 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2022-02-28 6.8 MEDIUM 9.6 CRITICAL
Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CVE-2022-0310 1 Google 1 Chrome 2022-02-22 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via specific user interactions.
CVE-2022-0311 1 Google 1 Chrome 2022-02-22 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0309 1 Google 1 Chrome 2022-02-22 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2022-0305 1 Google 1 Chrome 2022-02-22 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.
CVE-2022-24925 1 Google 1 Android 2022-02-22 6.8 MEDIUM 6.5 MEDIUM
Improper input validation vulnerability in SettingsProvider prior to Android S(12) allows privileged attackers to trigger a permanent denial of service attack on a victim's devices.
CVE-2022-0301 1 Google 1 Chrome 2022-02-22 6.8 MEDIUM 7.8 HIGH
Heap buffer overflow in DevTools in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0294 1 Google 1 Chrome 2022-02-22 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.