CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Google » Chrome » * * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-0809 119 Overflow Mem. Corr. 2022-04-05 2022-04-12
6.8
None Remote Medium Not required Partial Partial Partial
Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
2 CVE-2022-0808 416 2022-04-05 2022-04-12
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions.
3 CVE-2022-0807 Bypass 2022-04-05 2022-04-11
4.3
None Remote Medium Not required None Partial None
Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
4 CVE-2022-0806 668 2022-04-05 2022-04-11
4.3
None Remote Medium Not required Partial None None
Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in screen sharing to potentially leak cross-origin data via a crafted HTML page.
5 CVE-2022-0805 416 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.
6 CVE-2022-0803 732 2022-04-05 2022-04-11
4.3
None Remote Medium Not required None Partial None
Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page.
7 CVE-2022-0800 787 Overflow 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
8 CVE-2022-0799 269 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file.
9 CVE-2022-0798 416 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
10 CVE-2022-0797 119 Overflow 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
11 CVE-2022-0796 416 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
12 CVE-2022-0795 843 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
13 CVE-2022-0794 416 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
14 CVE-2022-0793 416 2022-04-05 2022-04-12
4.3
None Remote Medium Not required None None Partial
Use after free in Cast in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted Chrome Extension.
15 CVE-2022-0792 125 2022-04-05 2022-04-08
4.3
None Remote Medium Not required Partial None None
Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
16 CVE-2022-0791 416 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions.
17 CVE-2022-0790 416 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page.
18 CVE-2022-0789 787 Overflow 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
19 CVE-2022-0610 119 Overflow 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
20 CVE-2022-0609 416 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
21 CVE-2022-0608 190 Overflow 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in Mojo in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
22 CVE-2022-0607 416 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in GPU in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
23 CVE-2022-0606 416 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in ANGLE in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
24 CVE-2022-0605 416 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
25 CVE-2022-0604 787 Overflow 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in Tab Groups in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
26 CVE-2022-0470 119 Overflow Mem. Corr. 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Out of bounds memory access in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
27 CVE-2022-0469 416 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Cast in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific interactions to potentially exploit heap corruption via a crafted HTML page.
28 CVE-2022-0468 416 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Payments in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
29 CVE-2022-0467 Bypass 2022-04-05 2022-04-12
6.8
None Remote Medium Not required Partial Partial Partial
Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
30 CVE-2022-0466 2022-04-05 2022-04-13
6.8
None Remote Medium Not required Partial Partial Partial
Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.
31 CVE-2022-0465 416 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Extensions in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via user interaction.
32 CVE-2022-0464 416 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.
33 CVE-2022-0463 416 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.
34 CVE-2022-0462 2022-04-05 2022-04-12
4.3
None Remote Medium Not required Partial None None
Inappropriate implementation in Scroll in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
35 CVE-2022-0461 668 Bypass 2022-04-05 2022-04-12
6.4
None Remote Low Not required Partial Partial None
Policy bypass in COOP in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to bypass iframe sandbox via a crafted HTML page.
36 CVE-2022-0460 416 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Window Dialogue in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
37 CVE-2022-0459 416 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
38 CVE-2022-0458 416 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Thumbnail Tab Strip in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
39 CVE-2022-0457 843 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Type confusion in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
40 CVE-2022-0456 416 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Web Search in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via profile destruction.
41 CVE-2022-0454 787 Overflow 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in ANGLE in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
42 CVE-2022-0453 416 2022-04-05 2022-04-08
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Reader Mode in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
43 CVE-2022-0452 416 2022-04-05 2022-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Safe Browsing in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
44 CVE-2022-0311 787 Overflow 2022-02-12 2022-02-22
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
45 CVE-2022-0310 787 Overflow 2022-02-12 2022-02-22
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via specific user interactions.
46 CVE-2022-0309 863 Bypass 2022-02-12 2022-02-22
4.3
None Remote Medium Not required None Partial None
Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
47 CVE-2022-0307 416 2022-02-12 2022-02-19
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Optimization Guide in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
48 CVE-2022-0306 787 Overflow 2022-02-12 2022-05-11
6.8
None Remote Medium Not required Partial Partial Partial
Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
49 CVE-2022-0305 863 Bypass 2022-02-12 2022-02-22
4.3
None Remote Medium Not required None Partial None
Inappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.
50 CVE-2022-0304 416 2022-02-12 2022-02-19
6.8
None Remote Medium Not required Partial Partial Partial
Use after free in Bookmarks in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page.
Total number of vulnerabilities : 2332   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.