Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-29 | CVE-2022-4912 | Type Confusion vulnerability in Google Chrome Type Confusion in MathML in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2023-07-29 | CVE-2022-4914 | Out-of-bounds Write vulnerability in Google Chrome Heap buffer overflow in PrintPreview in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2023-07-29 | CVE-2022-4916 | Use After Free vulnerability in Google Chrome Use after free in Media in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. | 8.8 |
| 2023-07-29 | CVE-2022-4918 | Use After Free vulnerability in Google Chrome Use after free in UI in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. | 8.8 |
| 2023-07-29 | CVE-2022-4919 | Use After Free vulnerability in Google Chrome Use after free in Base Internals in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. | 8.8 |
| 2023-07-29 | CVE-2022-4921 | Use After Free vulnerability in Google Chrome Use after free in Accessibility in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform arbitrary read/write via a crafted HTML page. | 8.8 |
| 2023-07-29 | CVE-2023-2313 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Sandbox in Google Chrome on Windows prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a malicious file. | 8.8 |
| 2023-07-28 | CVE-2023-3598 | Out-of-bounds Write vulnerability in Google Chrome Out of bounds read and write in ANGLE in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2023-07-25 | CVE-2023-2626 | Improper Authentication vulnerability in Google products There exists an authentication bypass vulnerability in OpenThread border router devices and implementations. This issue allows unauthenticated nodes to craft radio frames using “Key ID Mode 2”: a special mode using a static encryption key to bypass security checks, resulting in arbitrary IP packets being allowed on the Thread network. This provides a pathway for an attacker to send/receive arbitrary IPv6 packets to devices on the LAN, potentially exploiting them if they lack additional authentication or contain any network vulnerabilities that would normally be mitigated by the home router’s NAT firewall. | 8.8 |
| 2023-07-14 | CVE-2023-35692 | Unspecified vulnerability in Google Android In getLocationCache of GeoLocation.java, there is a possible way to send a mock location during an emergency call due to improper input validation. | 7.8 |