Vulnerabilities > Google > Chrome > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-26 | CVE-2022-1498 | Exposure of Resource to Wrong Sphere vulnerability in Google Chrome Inappropriate implementation in HTML Parser in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 4.3 |
| 2022-07-26 | CVE-2022-1499 | Incorrect Authorization vulnerability in Google Chrome Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass same origin policy via a crafted HTML page. | 6.3 |
| 2022-07-26 | CVE-2022-1500 | Improper Input Validation vulnerability in Google Chrome Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policy via a crafted HTML page. | 6.5 |
| 2022-07-26 | CVE-2022-1501 | Exposure of Resource to Wrong Sphere vulnerability in Google Chrome Inappropriate implementation in iframe in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2022-07-26 | CVE-2022-1637 | Exposure of Resource to Wrong Sphere vulnerability in Google Chrome Inappropriate implementation in Web Contents in Google Chrome prior to 101.0.4951.64 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 4.3 |
| 2022-07-25 | CVE-2022-1306 | Authentication Bypass by Spoofing vulnerability in Google Chrome Inappropriate implementation in compositing in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 4.3 |
| 2022-07-25 | CVE-2022-1307 | Authentication Bypass by Spoofing vulnerability in Google Chrome Inappropriate implementation in full screen in Google Chrome on Android prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 4.3 |
| 2022-07-23 | CVE-2022-1128 | Path Traversal vulnerability in Google Chrome Inappropriate implementation in Web Share API in Google Chrome on Windows prior to 100.0.4896.60 allowed an attacker on the local network segment to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2022-07-23 | CVE-2022-1129 | Authentication Bypass by Spoofing vulnerability in Google Chrome Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896.60 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 6.5 |
| 2022-07-23 | CVE-2022-1132 | Incorrect Authorization vulnerability in Google Chrome Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions via physical access to the device. | 6.1 |