Vulnerabilities > Google > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-02 | CVE-2022-0337 | Exposure of Resource to Wrong Sphere vulnerability in Google Chrome Inappropriate implementation in File System API in Google Chrome on Windows prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page. | 6.5 |
| 2023-01-02 | CVE-2022-0801 | Cross-site Scripting vulnerability in Google Chrome Inappropriate implementation in HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass XSS preventions via a crafted HTML page. | 6.1 |
| 2023-01-02 | CVE-2022-3863 | Use After Free vulnerability in Google Chrome Use after free in Browser History in Google Chrome prior to 100.0.4896.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.1 |
| 2023-01-02 | CVE-2022-4025 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data outside an iframe via a crafted HTML page. | 4.3 |
| 2022-12-16 | CVE-2022-20199 | Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 13.0 In multiple locations of NfcService.java, there is a possible disclosure of NFC tags due to a confused deputy. | 5.5 |
| 2022-12-16 | CVE-2022-20504 | Missing Authorization vulnerability in Google Android 13.0 In multiple locations of DreamManagerService.java, there is a missing permission check. | 6.7 |
| 2022-12-16 | CVE-2022-20505 | Path Traversal vulnerability in Google Android 13.0 In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. | 6.7 |
| 2022-12-16 | CVE-2022-20509 | Out-of-bounds Write vulnerability in Google Android 13.0 In mapGrantorDescr of MessageQueueBase.h, there is a possible out of bounds write due to a missing bounds check. | 6.7 |
| 2022-12-16 | CVE-2022-20510 | Missing Authorization vulnerability in Google Android 13.0 In getNearbyNotificationStreamingPolicy of DevicePolicyManagerService.java, there is a possible way to learn about the notification streaming policy of other users due to a permissions bypass. | 5.5 |
| 2022-12-16 | CVE-2022-20511 | Missing Authorization vulnerability in Google Android 13.0 In getNearbyAppStreamingPolicy of DevicePolicyManagerService.java, there is a missing permission check. | 5.5 |