Filtered by vendor Google
Subscribe
Total
13548 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-2853 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2025-05-22 | N/A | 8.8 HIGH |
|
Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-2852 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-22 | N/A | 8.8 HIGH |
|
Use after free in FedCM in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-3047 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-22 | N/A | 6.5 MEDIUM |
|
Insufficient policy enforcement in Extensions API in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page.
|
|||||
| CVE-2022-3046 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-22 | N/A | 8.8 HIGH |
|
Use after free in Browser Tag in Google Chrome prior to 105.0.5195.52 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-3045 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-22 | N/A | 8.8 HIGH |
|
Insufficient validation of untrusted input in V8 in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-3044 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-22 | N/A | 6.5 MEDIUM |
|
Inappropriate implementation in Site Isolation in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.
|
|||||
| CVE-2022-2857 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-22 | N/A | 8.8 HIGH |
|
Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-2855 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-22 | N/A | 8.8 HIGH |
|
Use after free in ANGLE in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-2854 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-22 | N/A | 8.8 HIGH |
|
Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-3196 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-21 | N/A | 8.8 HIGH |
|
Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
|
|||||
| CVE-2022-3197 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-21 | N/A | 8.8 HIGH |
|
Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
|
|||||
| CVE-2022-2861 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-21 | N/A | 6.5 MEDIUM |
|
Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.101 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts into WebUI via a crafted HTML page.
|
|||||
| CVE-2022-2860 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-21 | N/A | 6.5 MEDIUM |
|
Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to bypass cookie prefix restrictions via a crafted HTML page.
|
|||||
| CVE-2022-2859 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-21 | N/A | 8.8 HIGH |
|
Use after free in Chrome OS Shell in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions.
|
|||||
| CVE-2022-2858 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-21 | N/A | 8.8 HIGH |
|
Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via specific UI interaction.
|
|||||
| CVE-2022-3055 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-21 | N/A | 8.8 HIGH |
|
Use after free in Passwords in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-3054 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-21 | N/A | 6.5 MEDIUM |
|
Insufficient policy enforcement in DevTools in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-3053 | 3 Apple, Fedoraproject, Google | 3 Macos, Fedora, Chrome | 2025-05-21 | N/A | 4.3 MEDIUM |
|
Inappropriate implementation in Pointer Lock in Google Chrome on Mac prior to 105.0.5195.52 allowed a remote attacker to restrict user navigation via a crafted HTML page.
|
|||||
| CVE-2022-3052 | 2 Fedoraproject, Google | 4 Fedora, Chrome, Chrome Os and 1 more | 2025-05-21 | N/A | 8.8 HIGH |
|
Heap buffer overflow in Window Manager in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions.
|
|||||
| CVE-2022-3043 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2025-05-21 | N/A | 8.8 HIGH |
|
Heap buffer overflow in Screen Capture in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-3042 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2025-05-21 | N/A | 8.8 HIGH |
|
Use after free in PhoneHub in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-3041 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-21 | N/A | 8.8 HIGH |
|
Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-3040 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-21 | N/A | 8.8 HIGH |
|
Use after free in Layout in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-3039 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-21 | N/A | 8.8 HIGH |
|
Use after free in WebSQL in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-2998 | 1 Google | 1 Chrome | 2025-05-21 | N/A | 8.8 HIGH |
|
Use after free in Browser Creation in Google Chrome prior to 104.0.5112.101 allowed a remote attacker who had convinced a user to engage in a specific UI interaction to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-3200 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-21 | N/A | 8.8 HIGH |
|
Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2022-3199 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-21 | N/A | 8.8 HIGH |
|
Use after free in Frames in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2022-3198 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-21 | N/A | 8.8 HIGH |
|
Use after free in PDF in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
|
|||||
| CVE-2022-3071 | 2 Fedoraproject, Google | 4 Fedora, Chrome, Chrome Os and 1 more | 2025-05-21 | N/A | 8.8 HIGH |
|
Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction.
|
|||||
| CVE-2022-3058 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-21 | N/A | 8.8 HIGH |
|
Use after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction.
|
|||||
| CVE-2022-3057 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-21 | N/A | 6.5 MEDIUM |
|
Inappropriate implementation in iframe Sandbox in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
|||||
| CVE-2022-3056 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-21 | N/A | 6.5 MEDIUM |
|
Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to bypass content security policy via a crafted HTML page.
|
|||||
| CVE-2022-3051 | 2 Fedoraproject, Google | 4 Fedora, Chrome, Chrome Os and 1 more | 2025-05-21 | N/A | 8.8 HIGH |
|
Heap buffer overflow in Exosphere in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions.
|
|||||
| CVE-2022-3050 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2025-05-21 | N/A | 8.8 HIGH |
|
Heap buffer overflow in WebUI in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions.
|
|||||
| CVE-2022-3049 | 2 Fedoraproject, Google | 4 Fedora, Chrome, Chrome Os and 1 more | 2025-05-21 | N/A | 8.8 HIGH |
|
Use after free in SplitScreen in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2022-3048 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2025-05-21 | N/A | 6.8 MEDIUM |
|
Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a local attacker to bypass lockscreen navigation restrictions via physical access to the device.
|
|||||
| CVE-2019-5797 | 1 Google | 1 Chrome | 2025-05-20 | N/A | 7.5 HIGH |
|
Double free in DOMStorage in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
|||||
| CVE-2023-32878 | 2 Google, Mediatek | 22 Android, Mt6762, Mt6765 and 19 more | 2025-05-16 | N/A | 4.4 MEDIUM |
|
In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08307992.
|
|||||
| CVE-2024-20007 | 2 Google, Mediatek | 34 Android, Mt6580, Mt6739 and 31 more | 2025-05-15 | N/A | 7.5 HIGH |
|
In mp3 decoder, there is a possible out of bounds write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441369; Issue ID: ALPS08441369.
|
|||||
| CVE-2024-20001 | 2 Google, Mediatek | 59 Android, Mt5583, Mt5586 and 56 more | 2025-05-15 | N/A | 6.7 MEDIUM |
|
In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961601; Issue ID: DTV03961601.
|
|||||