Vulnerabilities > Google > Chrome OS > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-02 | CVE-2022-2743 | Integer Overflow or Wraparound vulnerability in Google Chrome Integer overflow in Window Manager in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out of bounds memory write via crafted UI interactions. | 8.8 |
| 2019-10-01 | CVE-2019-16508 | Integer Overflow or Wraparound vulnerability in Google Chrome OS The Imagination Technologies driver for Chrome OS before R74-11895.B, R75 before R75-12105.B, and R76 before R76-12208.0.0 allows attackers to trigger an Integer Overflow and gain privileges via a malicious application. | 7.8 |
| 2018-02-07 | CVE-2017-15400 | CRLF Injection vulnerability in Google Chrome OS Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue. | 7.8 |
| 2018-02-07 | CVE-2017-15397 | Missing Encryption of Sensitive Data vulnerability in Google Chrome OS Inappropriate implementation in ChromeVox in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker in a privileged network position to observe or tamper with certain cleartext HTTP requests by leveraging that position. | 7.4 |
| 2016-09-25 | CVE-2016-5169 | Unspecified vulnerability in Google Chrome OS Format string vulnerability in Google Chrome OS before 53.0.2785.103 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | 8.8 |
| 2010-12-22 | CVE-2010-4577 | Type Confusion vulnerability in multiple products The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted local font, related to "Type Confusion." | 7.5 |