Google Chrome vulnerabilities
3,975 known vulnerabilities affecting google/chrome.
Total CVEs
3,975
CISA KEV
74
actively exploited
Public exploits
63
Exploited in wild
65
Severity breakdown
CRITICAL297HIGH2024MEDIUM1626LOW17UNKNOWN11
Vulnerabilities
Page 62 of 199
CVE-2022-1132MEDIUMCVSS 6.1fixed in 100.0.4896.60≥ unspecified, < 100.0.4896.602022-07-23
CVE-2022-1132 [MEDIUM] CWE-863 CVE-2022-1132: Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.6
Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0.4896.60 allowed a local attacker to bypass navigation restrictions via physical access to the device.
nvd
CVE-2022-0980HIGHCVSS 8.8fixed in 99.0.4844.74≥ unspecified, < 99.0.4844.742022-07-22
CVE-2022-0980 [HIGH] CWE-416 CVE-2022-0980: Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convin
Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions.
nvd
CVE-2022-0978HIGHCVSS 8.8fixed in 99.0.4844.74≥ unspecified, < 99.0.4844.742022-07-22
CVE-2022-0978 [HIGH] CWE-416 CVE-2022-0978: Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentia
Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0979HIGHCVSS 8.8fixed in 99.0.4844.74≥ unspecified, < 99.0.4844.742022-07-22
CVE-2022-0979 [HIGH] CWE-416 CVE-2022-0979: Use after free in Safe Browsing in Google Chrome on Android prior to 99.0.4844.74 allowed a remote a
Use after free in Safe Browsing in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0977CRITICALCVSS 9.6fixed in 99.0.4844.74≥ unspecified, < 99.0.4844.742022-07-21
CVE-2022-0977 [CRITICAL] CWE-416 CVE-2022-0977: Use after free in Browser UI in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote at
Use after free in Browser UI in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0973CRITICALCVSS 9.6fixed in 99.0.4844.74≥ unspecified, < 99.0.4844.742022-07-21
CVE-2022-0973 [CRITICAL] CWE-416 CVE-2022-0973: Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to
Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0975HIGHCVSS 8.8fixed in 99.0.4844.74≥ unspecified, < 99.0.4844.742022-07-21
CVE-2022-0975 [HIGH] CWE-416 CVE-2022-0975: Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentia
Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0971HIGHCVSS 8.8fixed in 99.0.4844.74≥ unspecified, < 99.0.4844.742022-07-21
CVE-2022-0971 [HIGH] CWE-416 CVE-2022-0971: Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote at
Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0976HIGHCVSS 8.8fixed in 99.0.4844.74≥ unspecified, < 99.0.4844.742022-07-21
CVE-2022-0976 [HIGH] CWE-787 CVE-2022-0976: Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to pote
Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0974HIGHCVSS 8.8fixed in 99.0.4844.74≥ unspecified, < 99.0.4844.742022-07-21
CVE-2022-0974 [HIGH] CWE-416 CVE-2022-0974: Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote a
Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0972HIGHCVSS 8.8fixed in 99.0.4844.74≥ unspecified, < 99.0.4844.742022-07-21
CVE-2022-0972 [HIGH] CWE-416 CVE-2022-0972: Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convince
Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0452CRITICALCVSS 9.6fixed in 98.0.4758.80≥ unspecified, < 98.0.4758.802022-04-05
CVE-2022-0452 [CRITICAL] CWE-416 CVE-2022-0452: Use after free in Safe Browsing in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to
Use after free in Safe Browsing in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
nvd
CVE-2022-0466CRITICALCVSS 9.6fixed in 98.0.4758.80≥ unspecified, < 98.0.4758.802022-04-05
CVE-2022-0466 [CRITICAL] CVE-2022-0466: Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed a
Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.
nvd
CVE-2022-0790CRITICALCVSS 9.6fixed in 99.0.4844.51≥ unspecified, < 99.0.4844.512022-04-05
CVE-2022-0790 [CRITICAL] CWE-416 CVE-2022-0790: Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convi
Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page.
nvd
CVE-2022-0610HIGHCVSS 8.8fixed in 98.0.4758.102≥ unspecified, < 98.0.4758.1022022-04-05
CVE-2022-0610 [HIGH] CWE-787 CVE-2022-0610: Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote
Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0789HIGHCVSS 8.8fixed in 99.0.4844.51≥ unspecified, < 99.0.4844.512022-04-05
CVE-2022-0789 [HIGH] CWE-787 CVE-2022-0789: Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to po
Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0469HIGHCVSS 8.8fixed in 98.0.4758.80≥ unspecified, < 98.0.4758.802022-04-05
CVE-2022-0469 [HIGH] CWE-416 CVE-2022-0469: Use after free in Cast in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convince
Use after free in Cast in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific interactions to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0604HIGHCVSS 8.8fixed in 98.0.4758.102≥ unspecified, < 98.0.4758.1022022-04-05
CVE-2022-0604 [HIGH] CWE-787 CVE-2022-0604: Heap buffer overflow in Tab Groups in Google Chrome prior to 98.0.4758.102 allowed an attacker who c
Heap buffer overflow in Tab Groups in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0459HIGHCVSS 8.8fixed in 98.0.4758.80≥ unspecified, < 98.0.4758.802022-04-05
CVE-2022-0459 [HIGH] CWE-416 CVE-2022-0459: Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker wh
Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0798HIGHCVSS 8.8fixed in 99.0.4844.51≥ unspecified, < 99.0.4844.512022-04-05
CVE-2022-0798 [HIGH] CWE-416 CVE-2022-0798: Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinc
Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
nvd