Vulnerabilities > Google > Chrome > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-07-28 CVE-2022-2010 Out-of-bounds Read vulnerability in multiple products
Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google fedoraproject CWE-125
critical
9.3
2022-07-27 CVE-2022-1853 Use After Free vulnerability in Google Chrome
Use after free in Indexed DB in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google CWE-416
critical
9.6
2022-07-25 CVE-2022-1309 Incorrect Authorization vulnerability in Google Chrome
Insufficient policy enforcement in developer tools in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google CWE-863
critical
9.6
2022-07-25 CVE-2022-1312 Use After Free vulnerability in Google Chrome
Use after free in storage in Google Chrome prior to 100.0.4896.88 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
network
low complexity
google CWE-416
critical
9.6
2022-07-21 CVE-2022-0973 Use After Free vulnerability in Google Chrome
Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
critical
9.6
2022-07-21 CVE-2022-0977 Use After Free vulnerability in Google Chrome
Use after free in Browser UI in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
critical
9.6
2022-04-05 CVE-2022-0452 Use After Free vulnerability in Google Chrome
Use after free in Safe Browsing in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google CWE-416
critical
9.6
2022-04-05 CVE-2022-0466 Unspecified vulnerability in Google Chrome
Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google
critical
9.6
2022-04-05 CVE-2022-0790 Use After Free vulnerability in Google Chrome
Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google CWE-416
critical
9.6
2022-02-12 CVE-2022-0290 Use After Free vulnerability in Google Chrome
Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google CWE-416
critical
9.6