Filtered by vendor Google
Subscriptions
Total
13213 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-4914 | 1 Google | 1 Chrome | 2025-02-13 | 8.8 High |
| Heap buffer overflow in PrintPreview in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2022-4913 | 1 Google | 1 Chrome | 2025-02-13 | 6.5 Medium |
| Inappropriate implementation in Extensions in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who had compromised the renderer process to spoof extension storage via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2022-4912 | 1 Google | 1 Chrome | 2025-02-13 | 8.8 High |
| Type Confusion in MathML in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2022-4911 | 1 Google | 1 Chrome | 2025-02-13 | 6.5 Medium |
| Insufficient data validation in DevTools in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2022-4910 | 1 Google | 1 Chrome | 2025-02-13 | 5.4 Medium |
| Inappropriate implementation in Autofill in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2022-4909 | 1 Google | 1 Chrome | 2025-02-13 | 6.3 Medium |
| Inappropriate implementation in XML in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially perform an ASLR bypass via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2022-4908 | 1 Google | 1 Chrome | 2025-02-13 | 4.3 Medium |
| Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2022-4907 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-02-13 | 8.8 High |
| Uninitialized Use in FFmpeg in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2022-4906 | 1 Google | 1 Chrome | 2025-02-13 | 8.8 High |
| Inappropriate implementation in Blink in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2021-4324 | 1 Google | 1 Chrome | 2025-02-13 | 6.5 Medium |
| Insufficient policy enforcement in Google Update in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to read arbitrary files via a malicious file. (Chromium security severity: Medium) | ||||
| CVE-2021-4323 | 1 Google | 1 Chrome | 2025-02-13 | 6.5 Medium |
| Insufficient validation of untrusted input in Extensions in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to access local files via a crafted Chrome Extension. (Chromium security severity: Medium) | ||||
| CVE-2021-4322 | 1 Google | 1 Chrome | 2025-02-13 | 8.8 High |
| Use after free in DevTools in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium) | ||||
| CVE-2021-4321 | 1 Google | 1 Chrome | 2025-02-13 | 4.3 Medium |
| Policy bypass in Blink in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2021-4320 | 1 Google | 1 Chrome | 2025-02-13 | 8.8 High |
| Use after free in Blink in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2021-4319 | 1 Google | 1 Chrome | 2025-02-13 | 8.8 High |
| Use after free in Blink in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2021-4318 | 1 Google | 1 Chrome | 2025-02-13 | 8.8 High |
| Object corruption in Blink in Google Chrome prior to 94.0.4606.54 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2021-4317 | 1 Google | 1 Chrome | 2025-02-13 | 8.8 High |
| Use after free in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2021-4316 | 1 Google | 1 Chrome | 2025-02-13 | 4.3 Medium |
| Inappropriate implementation in Cast UI in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to spoof browser UI via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2023-20663 | 4 Google, Linux, Mediatek and 1 more | 29 Android, Linux Kernel, Mt5221 and 26 more | 2025-02-13 | 6.7 Medium |
| In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560741; Issue ID: ALPS07560741. | ||||
| CVE-2023-20653 | 2 Google, Mediatek | 60 Android, Mt6580, Mt6731 and 57 more | 2025-02-13 | 6.7 Medium |
| In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589144. | ||||