U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:google:chrome:11.0.688.0:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 3,132 matching records.
Displaying matches 461 through 480.
Vuln ID Summary CVSS Severity
CVE-2022-4179

Use after free in Audio in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)

Published: November 29, 2022; 7:15:10 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-4178

Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: November 29, 2022; 7:15:10 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-4177

Use after free in Extensions in Google Chrome prior to 108.0.5359.71 allowed an attacker who convinced a user to install an extension to potentially exploit heap corruption via a crafted Chrome Extension and UI interaction. (Chromium security severity: High)

Published: November 29, 2022; 7:15:10 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-4176

Out of bounds write in Lacros Graphics in Google Chrome on Chrome OS and Lacros prior to 108.0.5359.71 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. (Chromium security severity: High)

Published: November 29, 2022; 7:15:10 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-4175

Use after free in Camera Capture in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: November 29, 2022; 7:15:10 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-4174

Type confusion in V8 in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: November 29, 2022; 7:15:09 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-4135

Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Published: November 24, 2022; 8:15:09 PM -0500 		V4.0:(not available)
 V3.1: 9.6 CRITICAL
V2.0:(not available)
CVE-2022-3450

Use after free in Peer Connection in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: November 09, 2022; 2:15:11 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-3449

Use after free in Safe Browsing in Google Chrome prior to 106.0.5249.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)

Published: November 09, 2022; 2:15:11 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-3448

Use after free in Permissions API in Google Chrome prior to 106.0.5249.119 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: November 09, 2022; 2:15:10 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-3447

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 106.0.5249.119 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)

Published: November 09, 2022; 2:15:10 PM -0500 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2022-3446

Heap buffer overflow in WebSQL in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: November 09, 2022; 2:15:10 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-3445

Use after free in Skia in Google Chrome prior to 106.0.5249.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: November 09, 2022; 2:15:09 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-3889

Type confusion in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: November 08, 2022; 11:15:10 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-3888

Use after free in WebCodecs in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: November 08, 2022; 11:15:10 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-3887

Use after free in Web Workers in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: November 08, 2022; 11:15:10 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-3886

Use after free in Speech Recognition in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: November 08, 2022; 11:15:10 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-3885

Use after free in V8 in Google Chrome prior to 107.0.5304.106 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: November 08, 2022; 11:15:09 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-3723

Type confusion in V8 in Google Chrome prior to 107.0.5304.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: November 01, 2022; 7:15:19 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-3661

Insufficient data validation in Extensions in Google Chrome prior to 107.0.5304.62 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome extension. (Chromium security severity: Low)

Published: November 01, 2022; 7:15:19 PM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)