Vulnerabilities > Google > High

DATE CVE VULNERABILITY TITLE RISK
2022-04-05 CVE-2022-0605 Use After Free vulnerability in Google Chrome
Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
8.8
8.8
2022-04-05 CVE-2022-0606 Use After Free vulnerability in Google Chrome
Use after free in ANGLE in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
8.8
8.8
2022-04-05 CVE-2022-0607 Use After Free vulnerability in Google Chrome
Use after free in GPU in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
8.8
8.8
2022-04-05 CVE-2022-0608 Integer Overflow or Wraparound vulnerability in Google Chrome
Integer overflow in Mojo in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-190
8.8
8.8
2022-04-05 CVE-2022-0609 Use After Free vulnerability in Google Chrome
Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
8.8
8.8
2022-04-05 CVE-2022-0610 Out-of-bounds Write vulnerability in Google Chrome
Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-787
8.8
8.8
2022-03-30 CVE-2021-1000 Incorrect Default Permissions vulnerability in Google Android 12.1
In createBluetoothDeviceSlice of ConnectedDevicesSliceProvider.java, there is a possible permission bypass due to an unsafe PendingIntent.
local
low complexity
google CWE-276
7.8
7.8
2022-03-30 CVE-2021-1033 Incorrect Default Permissions vulnerability in Google Android 12.1
In createGeneralSlice of ConnectedDevicesSliceProvider.java.java, there is a possible permission bypass due to an unsafe PendingIntent.
local
low complexity
google CWE-276
7.8
7.8
2022-03-30 CVE-2021-39741 Out-of-bounds Write vulnerability in Google Android 12.1
In Keymaster, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
7.8
7.8
2022-03-30 CVE-2021-39743 Missing Authorization vulnerability in Google Android 12.1
In PackageManager, there is a possible way to update the last usage time of another package due to a missing permission check.
local
low complexity
google CWE-862
7.8
7.8