Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-08 | CVE-2022-20451 | Missing Authorization vulnerability in Google Android In onCallRedirectionComplete of CallsManager.java, there is a possible permissions bypass due to a missing permission check. | 7.8 |
| 2022-11-08 | CVE-2022-20452 | Unspecified vulnerability in Google Android 13.0 In initializeFromParcelLocked of BaseBundle.java, there is a possible method arbitrary code execution due to a confused deputy. | 7.8 |
| 2022-11-08 | CVE-2022-20462 | Out-of-bounds Write vulnerability in Google Android In phNxpNciHal_write_unlocked of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. | 7.8 |
| 2022-11-08 | CVE-2022-32601 | Deserialization of Untrusted Data vulnerability in Google Android 10.0/11.0/12.0 In telephony, there is a possible permission bypass due to a parcel format mismatch. | 7.8 |
| 2022-11-01 | CVE-2022-3652 | Type Confusion vulnerability in Google Chrome Type confusion in V8 in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-11-01 | CVE-2022-3653 | Out-of-bounds Write vulnerability in Google Chrome Heap buffer overflow in Vulkan in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-11-01 | CVE-2022-3654 | Use After Free vulnerability in Google Chrome Use after free in Layout in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-11-01 | CVE-2022-3655 | Out-of-bounds Write vulnerability in Google Chrome Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-11-01 | CVE-2022-3656 | Improper Input Validation vulnerability in Google Chrome Insufficient data validation in File System in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. | 8.8 |
| 2022-11-01 | CVE-2022-3657 | Use After Free vulnerability in Google Chrome Use after free in Extensions in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. | 8.8 |