Vulnerabilities > Google > Chrome > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-30 | CVE-2022-4184 | Unspecified vulnerability in Google Chrome Insufficient policy enforcement in Autofill in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. | 4.3 |
| 2022-11-30 | CVE-2022-4185 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Navigation in Google Chrome on iOS prior to 108.0.5359.71 allowed a remote attacker to spoof the contents of the modal dialogue via a crafted HTML page. | 4.3 |
| 2022-11-30 | CVE-2022-4186 | Improper Input Validation vulnerability in Google Chrome Insufficient validation of untrusted input in Downloads in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass Downloads restrictions via a crafted HTML page. | 4.3 |
| 2022-11-30 | CVE-2022-4187 | Unspecified vulnerability in Google Chrome Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. | 6.5 |
| 2022-11-30 | CVE-2022-4188 | Injection vulnerability in Google Chrome Insufficient validation of untrusted input in CORS in Google Chrome on Android prior to 108.0.5359.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | 4.3 |
| 2022-11-30 | CVE-2022-4189 | Unspecified vulnerability in Google Chrome Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. | 4.3 |
| 2022-11-30 | CVE-2022-4195 | Unspecified vulnerability in Google Chrome Insufficient policy enforcement in Safe Browsing in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass Safe Browsing warnings via a malicious file. | 4.3 |
| 2022-11-09 | CVE-2022-3447 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 106.0.5249.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 4.3 |
| 2022-11-01 | CVE-2022-3660 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 107.0.5304.62 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. | 4.3 |
| 2022-11-01 | CVE-2022-3661 | Improper Input Validation vulnerability in Google Chrome Insufficient data validation in Extensions in Google Chrome prior to 107.0.5304.62 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome extension. | 4.3 |