Filtered by vendor Google
Subscribe
Total
10294 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-2858 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-10-27 | N/A | 8.8 HIGH |
| Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction. | |||||
| CVE-2022-2859 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-10-27 | N/A | 8.8 HIGH |
| Use after free in Chrome OS Shell in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. | |||||
| CVE-2022-2856 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2022-10-27 | N/A | 6.5 MEDIUM |
| Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page. | |||||
| CVE-2022-2855 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-10-27 | N/A | 8.8 HIGH |
| Use after free in ANGLE in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-2857 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-10-27 | N/A | 8.8 HIGH |
| Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-2621 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-10-27 | N/A | 8.8 HIGH |
| Use after free in Extensions in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions. | |||||
| CVE-2022-2613 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2022-10-27 | N/A | 8.8 HIGH |
| Use after free in Input in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific UI interactions. | |||||
| CVE-2022-2854 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-10-27 | N/A | 8.8 HIGH |
| Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-2606 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-10-27 | N/A | 8.8 HIGH |
| Use after free in Managed devices API in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enable a specific Enterprise policy to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-2607 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2022-10-27 | N/A | 8.8 HIGH |
| Use after free in Tab Strip in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. | |||||
| CVE-2022-2605 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-10-27 | N/A | 6.5 MEDIUM |
| Out of bounds read in Dawn in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-2603 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-10-27 | N/A | 8.8 HIGH |
| Use after free in Omnibox in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-2604 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-10-27 | N/A | 8.8 HIGH |
| Use after free in Safe Browsing in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-2611 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2022-10-27 | N/A | 4.3 MEDIUM |
| Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
| CVE-2022-2612 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-10-27 | N/A | 6.5 MEDIUM |
| Side-channel information leakage in Keyboard input in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. | |||||
| CVE-2022-2610 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-10-27 | N/A | 6.5 MEDIUM |
| Insufficient policy enforcement in Background Fetch in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2022-2608 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2022-10-27 | N/A | 8.8 HIGH |
| Use after free in Overview Mode in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. | |||||
| CVE-2022-2609 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2022-10-27 | N/A | 8.8 HIGH |
| Use after free in Nearby Share in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. | |||||
| CVE-2022-2008 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-10-27 | N/A | 8.8 HIGH |
| Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-36833 | 2 Google, Samsung | 2 Android, Gameoptimizingservice | 2022-10-27 | N/A | 7.8 HIGH |
| Improper Privilege Management vulnerability in Game Optimizing Service prior to versions 3.3.04.0 in Android 10, and 3.5.04.8 in Android 11 and above allows local attacker to execute hidden function for developer by changing package name. | |||||