Google Chrome vulnerabilities
3,975 known vulnerabilities affecting google/chrome.
Total CVEs
3,975
CISA KEV
74
actively exploited
Public exploits
63
Exploited in wild
65
Severity breakdown
CRITICAL297HIGH2024MEDIUM1626LOW17UNKNOWN11
Vulnerabilities
Page 63 of 199
CVE-2022-0609HIGHCVSS 8.8KEVfixed in 98.0.4758.102≥ unspecified, < 98.0.4758.1022022-04-05
CVE-2022-0609 [HIGH] CWE-416 CVE-2022-0609: Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to pot
Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0470HIGHCVSS 8.8fixed in 98.0.4758.80≥ unspecified, < 98.0.4758.802022-04-05
CVE-2022-0470 [HIGH] CWE-787 CVE-2022-0470: Out of bounds memory access in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker t
Out of bounds memory access in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0800HIGHCVSS 8.8fixed in 99.0.4844.51≥ unspecified, < 99.0.4844.512022-04-05
CVE-2022-0800 [HIGH] CWE-787 CVE-2022-0800: Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who
Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0456HIGHCVSS 8.8fixed in 98.0.4758.80≥ unspecified, < 98.0.4758.802022-04-05
CVE-2022-0456 [HIGH] CWE-416 CVE-2022-0456: Use after free in Web Search in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to pot
Use after free in Web Search in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via profile destruction.
nvd
CVE-2022-0467HIGHCVSS 8.8fixed in 98.0.4758.80≥ unspecified, < 98.0.4758.802022-04-05
CVE-2022-0467 [HIGH] CVE-2022-0467: Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allow
Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
nvd
CVE-2022-0791HIGHCVSS 8.8fixed in 99.0.4844.51≥ unspecified, < 99.0.4844.512022-04-05
CVE-2022-0791 [HIGH] CWE-416 CVE-2022-0791: Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convi
Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions.
nvd
CVE-2022-0464HIGHCVSS 8.8fixed in 98.0.4758.80≥ unspecified, < 98.0.4758.802022-04-05
CVE-2022-0464 [HIGH] CWE-416 CVE-2022-0464: Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who
Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.
nvd
CVE-2022-0799HIGHCVSS 8.8fixed in 99.0.4844.51≥ unspecified, < 99.0.4844.512022-04-05
CVE-2022-0799 [HIGH] CWE-59 CVE-2022-0799: Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allow
Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file.
nvd
CVE-2022-0458HIGHCVSS 8.8fixed in 98.0.4758.80≥ unspecified, < 98.0.4758.802022-04-05
CVE-2022-0458 [HIGH] CWE-416 CVE-2022-0458: Use after free in Thumbnail Tab Strip in Google Chrome prior to 98.0.4758.80 allowed a remote attack
Use after free in Thumbnail Tab Strip in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0603HIGHCVSS 8.8fixed in 98.0.4758.102≥ unspecified, < 98.0.4758.1022022-04-05
CVE-2022-0603 [HIGH] CWE-416 CVE-2022-0603: Use after free in File Manager in Google Chrome on Chrome OS prior to 98.0.4758.102 allowed a remote
Use after free in File Manager in Google Chrome on Chrome OS prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0795HIGHCVSS 8.8fixed in 99.0.4844.51≥ unspecified, < 99.0.4844.512022-04-05
CVE-2022-0795 [HIGH] CWE-843 CVE-2022-0795: Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to p
Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0605HIGHCVSS 8.8fixed in 98.0.4758.102≥ unspecified, < 98.0.4758.1022022-04-05
CVE-2022-0605 [HIGH] CWE-416 CVE-2022-0605: Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convi
Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0805HIGHCVSS 8.8fixed in 99.0.4844.51≥ unspecified, < 99.0.4844.512022-04-05
CVE-2022-0805 [HIGH] CWE-416 CVE-2022-0805: Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker
Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.
nvd
CVE-2022-0797HIGHCVSS 8.8fixed in 99.0.4844.51≥ unspecified, < 99.0.4844.512022-04-05
CVE-2022-0797 [HIGH] CWE-787 CVE-2022-0797: Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker
Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
nvd
CVE-2022-0796HIGHCVSS 8.8fixed in 99.0.4844.51≥ unspecified, < 99.0.4844.512022-04-05
CVE-2022-0796 [HIGH] CWE-416 CVE-2022-0796: Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentia
Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0808HIGHCVSS 8.8fixed in 99.0.4844.51≥ unspecified, < 99.0.4844.512022-04-05
CVE-2022-0808 [HIGH] CWE-416 CVE-2022-0808: Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remo
Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions.
nvd
CVE-2022-0809HIGHCVSS 8.8fixed in 99.0.4844.51≥ unspecified, < 99.0.4844.512022-04-05
CVE-2022-0809 [HIGH] CWE-787 CVE-2022-0809: Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacke
Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0453HIGHCVSS 8.8fixed in 98.0.4758.80≥ unspecified, < 98.0.4758.802022-04-05
CVE-2022-0453 [HIGH] CWE-416 CVE-2022-0453: Use after free in Reader Mode in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who h
Use after free in Reader Mode in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0606HIGHCVSS 8.8fixed in 98.0.4758.102≥ unspecified, < 98.0.4758.1022022-04-05
CVE-2022-0606 [HIGH] CWE-416 CVE-2022-0606: Use after free in ANGLE in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potenti
Use after free in ANGLE in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2022-0794HIGHCVSS 8.8fixed in 99.0.4844.51≥ unspecified, < 99.0.4844.512022-04-05
CVE-2022-0794 [HIGH] CWE-416 CVE-2022-0794: Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who conv
Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
nvd