Vulnerabilities > Google > Chrome

DATE CVE VULNERABILITY TITLE RISK
2022-07-27 CVE-2022-1864 Use After Free vulnerability in Google Chrome
Use after free in WebApp Installs in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.
network
low complexity
google CWE-416
8.8
2022-07-27 CVE-2022-1865 Use After Free vulnerability in Google Chrome
Use after free in Bookmarks in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.
network
low complexity
google CWE-416
8.8
2022-07-27 CVE-2022-1866 Use After Free vulnerability in Google Chrome
Use after free in Tablet Mode in Google Chrome on Chrome OS prior to 102.0.5005.61 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific user interactions.
network
low complexity
google CWE-416
8.8
2022-07-27 CVE-2022-1867 Unspecified vulnerability in Google Chrome
Insufficient validation of untrusted input in Data Transfer in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to bypass same origin policy via a crafted clipboard content.
network
low complexity
google
6.5
2022-07-27 CVE-2022-1868 Unspecified vulnerability in Google Chrome
Inappropriate implementation in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google
6.5
2022-07-27 CVE-2022-1869 Type Confusion vulnerability in Google Chrome
Type Confusion in V8 in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-843
6.5
2022-07-27 CVE-2022-1870 Use After Free vulnerability in Google Chrome
Use after free in App Service in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
network
low complexity
google CWE-416
8.8
2022-07-27 CVE-2022-1871 Unspecified vulnerability in Google Chrome
Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass file system policy via a crafted HTML page.
network
low complexity
google
4.3
2022-07-27 CVE-2022-1872 Unspecified vulnerability in Google Chrome
Insufficient policy enforcement in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page.
network
low complexity
google
4.3
2022-07-27 CVE-2022-1873 Exposure of Resource to Wrong Sphere vulnerability in Google Chrome
Insufficient policy enforcement in COOP in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
network
low complexity
google CWE-668
6.5