Filtered by vendor Google Subscriptions
Total 12112 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-2458 1 Google 2 Chrome, Chrome Os 2024-10-03 8.8 High
Use after free in ChromeOS Camera in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via UI interaction. (Chromium security severity: High)
CVE-2023-2457 1 Google 2 Chrome, Chrome Os 2024-10-03 8.8 High
Out of bounds write in ChromeOS Audio Server in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker to potentially exploit heap corruption via crafted audio file. (Chromium security severity: High)
CVE-2023-2137 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-10-03 8.8 High
Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-2135 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-10-03 7.5 High
Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2468 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-10-03 4.3 Medium
Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-2467 3 Debian, Fedoraproject, Google 4 Debian Linux, Fedora, Android and 1 more 2024-10-03 4.3 Medium
Inappropriate implementation in Prompts in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to bypass permissions restrictions via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-2466 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-10-03 4.3 Medium
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-2465 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-10-03 4.3 Medium
Inappropriate implementation in CORS in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-2464 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-10-03 4.3 Medium
Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the security UI via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-2463 3 Debian, Fedoraproject, Google 4 Debian Linux, Fedora, Android and 1 more 2024-10-03 4.3 Medium
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-2462 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-10-03 4.3 Medium
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to obfuscate main origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-4921 1 Google 1 Chrome 2024-10-03 8.8 High
Use after free in Accessibility in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low)
CVE-2022-4920 1 Google 1 Chrome 2024-10-03 9.6 Critical
Heap buffer overflow in Blink in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2022-4919 1 Google 1 Chrome 2024-10-03 8.8 High
Use after free in Base Internals in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
CVE-2021-4322 1 Google 1 Chrome 2024-10-03 8.8 High
Use after free in DevTools in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium)
CVE-2022-4926 2 Fedoraproject, Google 3 Fedora, Android, Chrome 2024-10-03 6.5 Medium
Insufficient policy enforcement in Intents in Google Chrome on Android prior to 109.0.5414.119 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
CVE-2021-4324 1 Google 1 Chrome 2024-10-03 6.5 Medium
Insufficient policy enforcement in Google Update in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to read arbitrary files via a malicious file. (Chromium security severity: Medium)
CVE-2021-4323 1 Google 1 Chrome 2024-10-03 6.5 Medium
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to install a malicious extension to access local files via a crafted Chrome Extension. (Chromium security severity: Medium)
CVE-2023-38458 2 Google, Unisoc 9 Android, Sc7731e, Sc9832e and 6 more 2024-10-03 7.8 High
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges
CVE-2023-38459 2 Google, Unisoc 9 Android, Sc7731e, Sc9832e and 6 more 2024-10-03 7.8 High
In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges