Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by vendor Google
Filtered by product Chrome
Angry Yack Logo
Total 3816 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-2614 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Sign-In Flow in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2613 2 Fedoraproject, Google 3 Fedora, Chrome, Chrome Os 2024-11-21 N/A 8.8 HIGH
Use after free in Input in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enage in specific user interactions to potentially exploit heap corruption via specific UI interactions.
CVE-2022-2612 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 6.5 MEDIUM
Side-channel information leakage in Keyboard input in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page.
CVE-2022-2611 2 Fedoraproject, Google 3 Fedora, Android, Chrome 2024-11-21 N/A 4.3 MEDIUM
Inappropriate implementation in Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2022-2610 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 6.5 MEDIUM
Insufficient policy enforcement in Background Fetch in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2022-2609 2 Fedoraproject, Google 3 Fedora, Chrome, Chrome Os 2024-11-21 N/A 8.8 HIGH
Use after free in Nearby Share in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.
CVE-2022-2608 2 Fedoraproject, Google 3 Fedora, Chrome, Chrome Os 2024-11-21 N/A 8.8 HIGH
Use after free in Overview Mode in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.
CVE-2022-2607 2 Fedoraproject, Google 3 Fedora, Chrome, Chrome Os 2024-11-21 N/A 8.8 HIGH
Use after free in Tab Strip in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.
CVE-2022-2606 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Managed devices API in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to enable a specific Enterprise policy to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2605 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 6.5 MEDIUM
Out of bounds read in Dawn in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2604 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Safe Browsing in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2603 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Omnibox in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2587 1 Google 2 Chrome, Chrome Os 2024-11-21 N/A 9.8 CRITICAL
Out of bounds write in Chrome OS Audio Server in Google Chrome on Chrome OS prior to 102.0.5005.125 allowed a remote attacker to potentially exploit heap corruption via crafted audio metadata.
CVE-2022-2481 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Views in Google Chrome prior to 103.0.5060.134 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via UI interaction.
CVE-2022-2480 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Service Worker API in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2479 1 Google 2 Android, Chrome 2024-11-21 N/A 4.3 MEDIUM
Insufficient validation of untrusted input in File in Google Chrome on Android prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious app to obtain potentially sensitive information from internal file directories via a crafted HTML page.
CVE-2022-2478 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in PDF in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2477 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Guest View in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2415 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Heap buffer overflow in WebGL in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2399 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in WebGPU in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2296 2 Fedoraproject, Google 4 Extra Packages For Enterprise Linux, Fedora, Chrome and 1 more 2024-11-21 N/A 8.8 HIGH
Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 103.0.5060.114 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via direct UI interactions.
CVE-2022-2295 2 Fedoraproject, Google 3 Extra Packages For Enterprise Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2165 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 4.3 MEDIUM
Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
CVE-2022-2164 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 6.3 MEDIUM
Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted HTML page.
CVE-2022-2163 2 Fedoraproject, Google 3 Extra Packages For Enterprise Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Cast UI and Toolbar in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via UI interaction.
CVE-2022-2162 3 Fedoraproject, Google, Microsoft 3 Fedora, Chrome, Windows 2024-11-21 N/A 8.8 HIGH
Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 103.0.5060.53 allowed a remote attacker to bypass file system access via a crafted HTML page.
CVE-2022-2161 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in WebApp Provider in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who convinced the user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.
CVE-2022-2160 3 Fedoraproject, Google, Microsoft 3 Fedora, Chrome, Windows 2024-11-21 N/A 6.5 MEDIUM
Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from a user's local files via a crafted HTML page.
CVE-2022-2158 2 Fedoraproject, Google 3 Extra Packages For Enterprise Linux, Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2157 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Interest groups in Google Chrome prior to 103.0.5060.53 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2156 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Core in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2011 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in ANGLE in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2010 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 9.3 CRITICAL
Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
CVE-2022-2008 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-2007 2 Fedoraproject, Google 2 Fedora, Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in WebGPU in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-1919 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Use after free in Codecs in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-1876 1 Google 1 Chrome 2024-11-21 N/A 8.8 HIGH
Heap buffer overflow in DevTools in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-1875 1 Google 1 Chrome 2024-11-21 N/A 4.3 MEDIUM
Inappropriate implementation in PDF in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2022-1874 2 Apple, Google 2 Macos, Chrome 2024-11-21 N/A 8.8 HIGH
Insufficient policy enforcement in Safe Browsing in Google Chrome on Mac prior to 102.0.5005.61 allowed a remote attacker to bypass downloads protection policy via a crafted HTML page.
CVE-2022-1873 1 Google 1 Chrome 2024-11-21 N/A 6.5 MEDIUM
Insufficient policy enforcement in COOP in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page.