CVE-2022-4187
- EPSS 0.06%
- Published 30.11.2022 00:15:10
- Last modified 21.11.2024 07:34:44
Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-4188
- EPSS 0.06%
- Published 30.11.2022 00:15:10
- Last modified 21.11.2024 07:34:44
Insufficient validation of untrusted input in CORS in Google Chrome on Android prior to 108.0.5359.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-4189
- EPSS 0.04%
- Published 30.11.2022 00:15:10
- Last modified 21.11.2024 07:34:44
Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severit...
CVE-2022-4190
- EPSS 0.05%
- Published 30.11.2022 00:15:10
- Last modified 21.11.2024 07:34:44
Insufficient data validation in Directory in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-4191
- EPSS 0.37%
- Published 30.11.2022 00:15:10
- Last modified 21.11.2024 07:34:45
Use after free in Sign-In in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via profile destruction. (Chromium security severity: Medium)
CVE-2022-4192
- EPSS 0.22%
- Published 30.11.2022 00:15:10
- Last modified 21.11.2024 07:34:45
Use after free in Live Caption in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via UI interaction. (Chromium security severity: Medium)
CVE-2022-4193
- EPSS 0.05%
- Published 30.11.2022 00:15:10
- Last modified 21.11.2024 07:34:45
Insufficient policy enforcement in File System API in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-4174
- EPSS 1.35%
- Published 30.11.2022 00:15:09
- Last modified 21.11.2024 07:34:43
Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-4135
- EPSS 0.1%
- Published 25.11.2022 01:15:09
- Last modified 12.03.2025 19:39:44
Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3449
- EPSS 0.07%
- Published 09.11.2022 19:15:11
- Last modified 21.11.2024 07:19:32
Use after free in Safe Browsing in Google Chrome prior to 106.0.5249.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Hig...