Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Chrome
(Google)| Repositories |
• https://github.com/googlei18n/sfntly
• https://github.com/behdad/harfbuzz • https://github.com/uclouvain/openjpeg |
| #Vulnerabilities | 3638 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-08-12 | CVE-2022-2617 | Use after free in Extensions API in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions. | Fedora, Chrome | 8.8 | ||
| 2022-08-12 | CVE-2022-2618 | Insufficient validation of untrusted input in Internals in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to bypass download restrictions via a malicious file . | Fedora, Chrome | 6.5 | ||
| 2022-08-12 | CVE-2022-2619 | Insufficient validation of untrusted input in Settings in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted HTML page. | Fedora, Chrome | 4.3 | ||
| 2022-08-12 | CVE-2022-2620 | Use after free in WebUI in Google Chrome on Chrome OS prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. | Fedora, Chrome | 8.8 | ||
| 2022-08-12 | CVE-2022-2621 | Use after free in Extensions in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interactions. | Fedora, Chrome | 8.8 | ||
| 2022-08-12 | CVE-2022-2622 | Insufficient validation of untrusted input in Safe Browsing in Google Chrome on Windows prior to 104.0.5112.79 allowed a remote attacker to bypass download restrictions via a crafted file. | Fedora, Chrome | 6.5 | ||
| 2022-08-12 | CVE-2022-2624 | Heap buffer overflow in PDF in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. | Fedora, Chrome | 8.8 | ||
| 2022-08-12 | CVE-2022-2623 | Use after free in Offline in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions. | Fedora, Chrome | 8.8 | ||
| 2022-09-26 | CVE-2022-3201 | Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High) | Debian_linux, Fedora, Chrome | 5.4 | ||
| 2022-11-01 | CVE-2022-3370 | Use after free in Custom Elements in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | Chrome | 8.8 |