Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Google Subscribe
Total 10294 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-3307 1 Google 1 Chrome 2022-12-09 N/A 8.8 HIGH
Use after free in media in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3654 1 Google 1 Chrome 2022-12-09 N/A 8.8 HIGH
Use after free in Layout in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3655 1 Google 1 Chrome 2022-12-09 N/A 8.8 HIGH
Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-3653 1 Google 1 Chrome 2022-12-09 N/A 8.8 HIGH
Heap buffer overflow in Vulkan in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3652 1 Google 1 Chrome 2022-12-09 N/A 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3443 1 Google 1 Chrome 2022-12-09 N/A 4.3 MEDIUM
Insufficient data validation in File System API in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass File System restrictions via a crafted HTML page. (Chromium security severity: Low)
CVE-2022-3444 1 Google 1 Chrome 2022-12-09 N/A 4.3 MEDIUM
Insufficient data validation in File System API in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass File System restrictions via a crafted HTML page and malicious file. (Chromium security severity: Low)
CVE-2022-3317 1 Google 2 Android, Chrome 2022-12-09 N/A 4.3 MEDIUM
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 106.0.5249.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
CVE-2022-3656 1 Google 1 Chrome 2022-12-09 N/A 8.8 HIGH
Insufficient data validation in File System in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-3658 1 Google 2 Chrome, Chrome Os 2022-12-09 N/A 8.8 HIGH
Use after free in Feedback service on Chrome OS in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)
CVE-2022-3657 1 Google 1 Chrome 2022-12-09 N/A 8.8 HIGH
Use after free in Extensions in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)
CVE-2022-3659 1 Google 2 Chrome, Chrome Os 2022-12-09 N/A 8.8 HIGH
Use after free in Accessibility in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. (Chromium security severity: Medium)
CVE-2022-3660 1 Google 2 Android, Chrome 2022-12-09 N/A 4.3 MEDIUM
Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 107.0.5304.62 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-3723 1 Google 1 Chrome 2022-12-08 N/A 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 107.0.5304.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3661 1 Google 1 Chrome 2022-12-08 N/A 4.3 MEDIUM
Insufficient data validation in Extensions in Google Chrome prior to 107.0.5304.62 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Low)
CVE-2022-3313 1 Google 1 Chrome 2022-12-08 N/A 6.5 MEDIUM
Incorrect security UI in full screen in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-3314 1 Google 1 Chrome 2022-12-08 N/A 6.5 MEDIUM
Use after free in logging in Google Chrome prior to 106.0.5249.62 allowed a remote attacker who had compromised a WebUI process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-3315 1 Google 1 Chrome 2022-12-08 N/A 8.8 HIGH
Type confusion in Blink in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)
CVE-2022-3888 2 Debian, Google 2 Debian Linux, Chrome 2022-12-08 N/A 8.8 HIGH
Use after free in WebCodecs in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3889 2 Debian, Google 2 Debian Linux, Chrome 2022-12-08 N/A 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)