Vulnerabilities > Google > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-11-25 CVE-2022-4135 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google microsoft CWE-787
critical
9.6
2022-11-18 CVE-2022-41900 Out-of-bounds Write vulnerability in Google Tensorflow
TensorFlow is an open source platform for machine learning.
network
low complexity
google CWE-787
critical
9.8
2022-11-18 CVE-2022-41880 Out-of-bounds Read vulnerability in Google Tensorflow
TensorFlow is an open source platform for machine learning.
network
low complexity
google CWE-125
critical
9.1
2022-11-09 CVE-2022-3890 Out-of-bounds Write vulnerability in Google Chrome
Heap buffer overflow in Crashpad in Google Chrome on Android prior to 107.0.5304.106 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google CWE-787
critical
9.6
2022-09-26 CVE-2022-3075 Improper Input Validation vulnerability in multiple products
Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google fedoraproject CWE-20
critical
9.6
2022-08-10 CVE-2022-20239 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android
remap_pfn_range' here may map out of size kernel memory (for example, may map the kernel area), and because the 'vma->vm_page_prot' can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploitedProduct: AndroidVersions: Android SoCAndroid ID: A-233972091
network
low complexity
google CWE-610
critical
9.8
2022-07-28 CVE-2022-2010 Out-of-bounds Read vulnerability in multiple products
Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google fedoraproject CWE-125
critical
9.3
2022-07-27 CVE-2022-1853 Use After Free vulnerability in Google Chrome
Use after free in Indexed DB in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google CWE-416
critical
9.6
2022-07-21 CVE-2022-0977 Use After Free vulnerability in Google Chrome
Use after free in Browser UI in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
critical
9.6
2022-07-21 CVE-2022-0973 Use After Free vulnerability in Google Chrome
Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
critical
9.6