Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-21 | CVE-2022-0972 | Use After Free vulnerability in Google Chrome Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-07-21 | CVE-2022-0974 | Use After Free vulnerability in Google Chrome Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-07-21 | CVE-2022-0975 | Use After Free vulnerability in Google Chrome Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-07-21 | CVE-2022-0976 | Out-of-bounds Write vulnerability in Google Chrome Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2022-07-13 | CVE-2022-20212 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 10.0/11.0 In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. | 7.8 |
| 2022-07-13 | CVE-2022-20218 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 12.0/12.1 In PermissionController, there is a possible way to get and retain permissions without user's consent due to a logic error in the code. | 7.8 |
| 2022-07-13 | CVE-2022-20220 | Path Traversal vulnerability in Google Android 12.0/12.1 In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. | 7.8 |
| 2022-07-13 | CVE-2022-20223 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. | 7.8 |
| 2022-07-13 | CVE-2022-20224 | Out-of-bounds Read vulnerability in Google Android In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. | 7.5 |
| 2022-07-13 | CVE-2022-20234 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 12.1 In Car Settings app, the NotificationAccessConfirmationActivity is exported. | 7.5 |