Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-10 | CVE-2023-0138 | Out-of-bounds Write vulnerability in Google Chrome Heap buffer overflow in libphonenumber in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2023-01-03 | CVE-2022-32635 | Out-of-bounds Write vulnerability in Google Android In gps, there is a possible out of bounds write due to a missing bounds check. | 7.8 |
| 2023-01-02 | CVE-2019-13768 | Use After Free vulnerability in Google Chrome Use after free in FileAPI in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | 7.4 |
| 2023-01-02 | CVE-2021-30558 | Unspecified vulnerability in Google Chrome Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page. | 8.8 |
| 2023-01-02 | CVE-2022-2742 | Race Condition vulnerability in Google Chrome Use after free in Exosphere in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. | 8.8 |
| 2023-01-02 | CVE-2022-2743 | Integer Overflow or Wraparound vulnerability in Google Chrome Integer overflow in Window Manager in Google Chrome on Chrome OS and Lacros prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific UI interactions to perform an out of bounds memory write via crafted UI interactions. | 8.8 |
| 2023-01-02 | CVE-2022-3842 | Use After Free vulnerability in Google Chrome Use after free in Passwords in Google Chrome prior to 105.0.5195.125 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 7.5 |
| 2022-12-16 | CVE-2022-20503 | Missing Authorization vulnerability in Google Android 13.0 In onCreate of WifiDppConfiguratorActivity.java, there is a possible way for a guest user to add a WiFi configuration due to a missing permission check. | 7.8 |
| 2022-12-16 | CVE-2022-20506 | Missing Authorization vulnerability in Google Android 13.0 In onCreate of WifiDialogActivity.java, there is a missing permission check. | 7.8 |
| 2022-12-16 | CVE-2022-20507 | Improper Input Validation vulnerability in Google Android 13.0 In onMulticastListUpdateNotificationReceived of UwbEventManager.java, there is a possible arbitrary code execution due to a missing bounds check. | 7.8 |