Google

Chrome

3866 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2022-4186

  • EPSS 0.04%
  • Veröffentlicht 30.11.2022 00:15:10
  • Zuletzt bearbeitet 21.11.2024 07:34:44

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass Downloads restrictions via a crafted HTML page. (Chromium security sev...

6.5

CVE-2022-4187

  • EPSS 0.08%
  • Veröffentlicht 30.11.2022 00:15:10
  • Zuletzt bearbeitet 21.11.2024 07:34:44

Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Medium)

4.3

CVE-2022-4188

  • EPSS 0.08%
  • Veröffentlicht 30.11.2022 00:15:10
  • Zuletzt bearbeitet 21.11.2024 07:34:44

Insufficient validation of untrusted input in CORS in Google Chrome on Android prior to 108.0.5359.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)

4.3

CVE-2022-4189

  • EPSS 0.04%
  • Veröffentlicht 30.11.2022 00:15:10
  • Zuletzt bearbeitet 21.11.2024 07:34:44

Insufficient policy enforcement in DevTools in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severit...

8.8

CVE-2022-4190

  • EPSS 0.06%
  • Veröffentlicht 30.11.2022 00:15:10
  • Zuletzt bearbeitet 21.11.2024 07:34:44

Insufficient data validation in Directory in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium)

8.8

CVE-2022-4191

  • EPSS 0.22%
  • Veröffentlicht 30.11.2022 00:15:10
  • Zuletzt bearbeitet 21.11.2024 07:34:45

Use after free in Sign-In in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via profile destruction. (Chromium security severity: Medium)

8.8

CVE-2022-4192

  • EPSS 0.17%
  • Veröffentlicht 30.11.2022 00:15:10
  • Zuletzt bearbeitet 21.11.2024 07:34:45

Use after free in Live Caption in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via UI interaction. (Chromium security severity: Medium)

8.8

CVE-2022-4193

  • EPSS 0.06%
  • Veröffentlicht 30.11.2022 00:15:10
  • Zuletzt bearbeitet 21.11.2024 07:34:45

Insufficient policy enforcement in File System API in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium)

8.8

CVE-2022-4174

  • EPSS 0.7%
  • Veröffentlicht 30.11.2022 00:15:09
  • Zuletzt bearbeitet 21.11.2024 07:34:43

Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

9.6

CVE-2022-4135

Warnung Exploit
  • EPSS 0.11%
  • Veröffentlicht 25.11.2022 01:15:09
  • Zuletzt bearbeitet 24.10.2025 14:10:14

Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)