Vulnerabilities > Google > Chrome > 102.0.4970.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-28 | CVE-2022-2162 | Insufficient policy enforcement in File System API in Google Chrome on Windows prior to 103.0.5060.53 allowed a remote attacker to bypass file system access via a crafted HTML page. | 8.8 |
| 2022-07-28 | CVE-2022-2164 | Inappropriate implementation in Extensions API in Google Chrome prior to 103.0.5060.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted HTML page. | 6.3 |
| 2022-07-28 | CVE-2022-2165 | Insufficient data validation in URL formatting in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | 4.3 |
| 2022-07-28 | CVE-2022-2415 | Out-of-bounds Write vulnerability in Google Chrome Heap buffer overflow in WebGL in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-07-27 | CVE-2022-1853 | Use After Free vulnerability in Google Chrome Use after free in Indexed DB in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2022-07-27 | CVE-2022-1854 | Use After Free vulnerability in Google Chrome Use after free in ANGLE in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-07-27 | CVE-2022-1855 | Use After Free vulnerability in Google Chrome Use after free in Messaging in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-07-27 | CVE-2022-1856 | Use After Free vulnerability in Google Chrome Use after free in User Education in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension or specific user interaction. | 8.8 |
| 2022-07-27 | CVE-2022-1857 | Unspecified vulnerability in Google Chrome Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. | 8.8 |
| 2022-07-27 | CVE-2022-1858 | Out-of-bounds Read vulnerability in Google Chrome Out of bounds read in DevTools in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform an out of bounds memory read via specific user interaction. | 6.5 |