9138 matches found
CVE-2022-4906
Inappropriate implementation in Blink in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
CVE-2022-4908
Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2022-4909
Inappropriate implementation in XML in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially perform an ASLR bypass via a crafted HTML page. Chromium security severity: Low...
CVE-2022-4908
Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2022-4909
Inappropriate implementation in XML in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially perform an ASLR bypass via a crafted HTML page. Chromium security severity: Low...
Information disclosure
Inappropriate implementation in Omnibox in Google Chrome prior to 99.0.4844.51 allowed an attacker in a privileged network position to perform a man-in-the-middle attack via malicious network traffic. Chromium security severity: Low...
Design/Logic Flaw
Inappropriate implementation in URL Formatting in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2022-4909
Inappropriate implementation in XML in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially perform an ASLR bypass via a crafted HTML page. Chromium security severity: Low...
Design/Logic Flaw
Inappropriate implementation in XML in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially perform an ASLR bypass via a crafted HTML page. Chromium security severity: Low...
CVE-2022-4906
Inappropriate implementation in Blink in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...
Design/Logic Flaw
Inappropriate implementation in Cast UI in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to spoof browser UI via a crafted HTML page. Chromium security severity: Low...
CVE-2022-4910
Inappropriate implementation in Autofill in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2023-2313
CVE-2023-2313 concerns Google Chrome on Windows with an insecure Sandbox implementation in the Chromium-based renderer before version 112.0.5615.49. The vulnerability allows a remote attacker who has already compromised the renderer process to perform arbitrary read/write via a malicious file, in...
CVE-2022-4922
Inappropriate implementation in Blink in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2022-4923
CVE-2022-4923 describes an Inappropriate implementation in Omnibox of Google Chrome before 99.0.4844.51, enabling a privileged network-position attacker to perform a man-in-the-middle via malicious traffic. Affected component: Omnibox within Chrome/Chromium; underlying cause cited as improper Omn...
CVE-2022-4915
CVE-2022-4915 is a Chrome/Chromium URL formatting vulnerability: an improper URL handling in Chrome prior to 103.0.5060.134 allowed a remote attacker to spoof domains via a crafted HTML page. Documents consistently reference Google Chrome/Chromium and a domain-spoofing impact; desktop Chrome vers...
CVE-2022-4913
Inappropriate implementation in Extensions in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who had compromised the renderer process to spoof extension storage via a crafted HTML page. Chromium security severity: High...
CVE-2022-4910
Inappropriate implementation in Autofill in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2022-4906
CVE-2022-4906 concerns Blink/Chromium in Google Chrome prior to 108.0.5359.71. The vulnerability arises from an inappropriate implementation in Blink that permits a remote attacker to perform arbitrary read/write via a crafted HTML page, with high impact (C/H, I/H, A/H) and network attack vector....
CVE-2022-4906
Inappropriate implementation in Blink in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: High...