Search Results (363638 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-0807 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2024-11-21 6.5 Medium
Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2022-0806 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2024-11-21 6.5 Medium
Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in screen sharing to potentially leak cross-origin data via a crafted HTML page.
CVE-2022-0805 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2024-11-21 8.8 High
Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.
CVE-2022-0804 4 Apple, Google, Linux and 1 more 5 Macos, Android, Chrome and 2 more 2024-11-21 6.5 Medium
Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2022-0803 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2024-11-21 6.5 Medium
Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2022-0802 4 Apple, Google, Linux and 1 more 5 Macos, Android, Chrome and 2 more 2024-11-21 6.5 Medium
Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2022-0801 1 Google 1 Chrome 2024-11-21 6.1 Medium
Inappropriate implementation in HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass XSS preventions via a crafted HTML page. (Chrome security severity: Medium)
CVE-2022-0800 1 Google 1 Chrome 2024-11-21 8.8 High
Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0799 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2024-11-21 8.8 High
Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file.
CVE-2022-0798 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2024-11-21 8.8 High
Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
CVE-2022-0797 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2024-11-21 8.8 High
Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
CVE-2022-0796 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2024-11-21 8.8 High
Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0795 1 Google 1 Chrome 2024-11-21 8.8 High
Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0794 1 Google 1 Chrome 2024-11-21 8.8 High
Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0793 1 Google 1 Chrome 2024-11-21 8.8 High
Use after free in Cast in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted Chrome Extension.
CVE-2022-0792 1 Google 1 Chrome 2024-11-21 6.5 Medium
Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0791 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2024-11-21 8.8 High
Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions.
CVE-2022-0790 1 Google 1 Chrome 2024-11-21 9.6 Critical
Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page.
CVE-2022-0789 1 Google 1 Chrome 2024-11-21 8.8 High
Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0787 1 Limit Login Attempts Project 1 Limit Login Attempts 2024-11-21 9.8 Critical
The Limit Login Attempts (Spam Protection) WordPress plugin before 5.1 does not sanitise and escape some parameters before using them in SQL statements via AJAX actions (available to unauthenticated users), leading to SQL Injections