Filtered by vendor Google
Subscribe
Total
13548 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-30724 | 1 Google | 1 Android | 2024-11-21 | 3.3 LOW | 4.0 MEDIUM |
|
Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in sendIntentSessionCompleted function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device.
|
|||||
| CVE-2022-30723 | 1 Google | 1 Android | 2024-11-21 | 3.3 LOW | 4.0 MEDIUM |
|
Broadcasting Intent including the BluetoothDevice object without proper restriction of receivers in activateVoiceRecognitionWithDevice function of Bluetooth prior to SMR Jun-2022 Release 1 leaks MAC address of the connected Bluetooth device.
|
|||||
| CVE-2022-30722 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 6.2 MEDIUM |
|
Implicit Intent hijacking vulnerability in Samsung Account prior to SMR Jun-2022 Release 1 allows attackers to bypass user confirmation of Samsung Account.
|
|||||
| CVE-2022-30721 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 2.5 LOW |
|
Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.
|
|||||
| CVE-2022-30720 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 2.5 LOW |
|
Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.
|
|||||
| CVE-2022-30719 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 2.5 LOW |
|
Improper input validation check logic vulnerability in libsmkvextractor prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.
|
|||||
| CVE-2022-30717 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 4.0 MEDIUM |
|
Improper caller check in AR Emoji prior to SMR Jun-2022 Release 1 allows untrusted applications to use some camera functions via deeplink.
|
|||||
| CVE-2022-30716 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 4.0 MEDIUM |
|
Unprotected broadcast in sendIntentForToastDumpLog in DisplayToast prior to SMR Jun-2022 Release 1 allows untrusted applications to access toast message information from device.
|
|||||
| CVE-2022-30715 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 4.0 MEDIUM |
|
Improper access control vulnerability in DofViewer prior to SMR Jun-2022 Release 1 allows attackers to control floating system alert window.
|
|||||
| CVE-2022-30714 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 1.9 LOW |
|
Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.
|
|||||
| CVE-2022-30713 | 1 Google | 1 Android | 2024-11-21 | 9.4 HIGH | 8.5 HIGH |
|
Improper validation vulnerability in LSOItemData prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.
|
|||||
| CVE-2022-30712 | 1 Google | 1 Android | 2024-11-21 | 6.4 MEDIUM | 8.5 HIGH |
|
Improper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.
|
|||||
| CVE-2022-30711 | 1 Google | 1 Android | 2024-11-21 | 9.4 HIGH | 8.5 HIGH |
|
Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.
|
|||||
| CVE-2022-30710 | 1 Google | 1 Android | 2024-11-21 | 9.4 HIGH | 8.5 HIGH |
|
Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.
|
|||||
| CVE-2022-30709 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 2.5 LOW |
|
Improper input validation check logic vulnerability in SECRIL prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.
|
|||||
| CVE-2022-2743 | 1 Google | 3 Chrome, Chrome Os, Linux And Chrome Os | 2024-11-21 | N/A | 8.8 HIGH |
|
Integer overflow in Window Manager in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out of bounds memory write via crafted UI interactions. (Chrome security severity: High)
|
|||||
| CVE-2022-2742 | 1 Google | 3 Chrome, Chrome Os, Linux And Chrome Os | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Exosphere in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. (Chrome security severity: High)
|
|||||
| CVE-2022-2624 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Heap buffer overflow in PDF in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file.
|
|||||
| CVE-2022-2623 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Offline in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.
|
|||||
| CVE-2022-2622 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Windows | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Insufficient validation of untrusted input in Safe Browsing in Google Chrome on Windows prior to 104.0.5112.79 allowed a remote attacker to bypass download restrictions via a crafted file.
|
|||||
| CVE-2022-2621 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Extensions in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions.
|
|||||
| CVE-2022-2620 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in WebUI in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.
|
|||||
| CVE-2022-2619 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Insufficient validation of untrusted input in Settings in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted HTML page.
|
|||||
| CVE-2022-2618 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Insufficient validation of untrusted input in Internals in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to bypass download restrictions via a malicious file .
|
|||||
| CVE-2022-2617 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions.
|
|||||
| CVE-2022-2616 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the Omnibox (URL bar) via a crafted Chrome Extension.
|
|||||
| CVE-2022-2615 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
|||||
| CVE-2022-2614 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-2613 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Input in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific UI interactions.
|
|||||
| CVE-2022-2612 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Side-channel information leakage in Keyboard input in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page.
|
|||||
| CVE-2022-2611 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
|
|||||
| CVE-2022-2610 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Insufficient policy enforcement in Background Fetch in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
|||||
| CVE-2022-2609 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Nearby Share in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.
|
|||||
| CVE-2022-2608 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Overview Mode in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.
|
|||||
| CVE-2022-2607 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Tab Strip in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.
|
|||||
| CVE-2022-2606 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Managed devices API in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enable a specific Enterprise policy to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-2605 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Out of bounds read in Dawn in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-2604 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Safe Browsing in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-2603 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 8.8 HIGH |
|
Use after free in Omnibox in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-2587 | 1 Google | 2 Chrome, Chrome Os | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Out of bounds write in Chrome OS Audio Server in Google Chrome on Chrome OS prior to 102.0.5005.125 allowed a remote attacker to potentially exploit heap corruption via crafted audio metadata.
|
|||||