Vulnerabilities > Google > Chrome > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-23 | CVE-2022-1137 | Exposure of Resource to Wrong Sphere vulnerability in Google Chrome Inappropriate implementation in Extensions in Google Chrome prior to 100.0.4896.60 allowed an attacker who convinced a user to install a malicious extension to leak potentially sensitive information via a crafted HTML page. | 6.5 |
| 2022-07-23 | CVE-2022-1138 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Chrome Inappropriate implementation in Web Cursor in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who had compromised the renderer process to obscure the contents of the Omnibox (URL bar) via a crafted HTML page. | 6.5 |
| 2022-07-23 | CVE-2022-1139 | Information Exposure Through Discrepancy vulnerability in Google Chrome Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2022-07-23 | CVE-2022-1146 | Information Exposure Through Discrepancy vulnerability in Google Chrome Inappropriate implementation in Resource Timing in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2022-04-05 | CVE-2022-0455 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Chrome Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 98.0.4758.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 6.5 |
| 2022-04-05 | CVE-2022-0461 | Unspecified vulnerability in Google Chrome Policy bypass in COOP in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to bypass iframe sandbox via a crafted HTML page. | 6.5 |
| 2022-04-05 | CVE-2022-0462 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Scroll in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2022-04-05 | CVE-2022-0792 | Out-of-bounds Read vulnerability in Google Chrome Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.5 |
| 2022-04-05 | CVE-2022-0802 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. | 6.5 |
| 2022-04-05 | CVE-2022-0803 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page. | 6.5 |