Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2022-0467

    Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 05, 2022
    • Modified: Nov. 21, 2024

  • 9.6

    CRITICAL
    CVE-2022-0466

    Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 05, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0465

    Use after free in Extensions in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via user interaction.... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 05, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0464

    Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 05, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0463

    Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction.... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 05, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-0462

    Inappropriate implementation in Scroll in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 05, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-0461

    Policy bypass in COOP in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to bypass iframe sandbox via a crafted HTML page.... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 05, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0460

    Use after free in Window Dialogue in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 05, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0459

    Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTM... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 05, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0458

    Use after free in Thumbnail Tab Strip in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 05, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0457

    Type confusion in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 05, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0456

    Use after free in Web Search in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via profile destruction.... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 05, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-0455

    Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 98.0.4758.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.... Read more

    Affected Products : android chrome edge_chromium
    • Published: Apr. 05, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0454

    Heap buffer overflow in ANGLE in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 05, 2022
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2022-0453

    Use after free in Reader Mode in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 05, 2022
    • Modified: Nov. 21, 2024

  • 9.6

    CRITICAL
    CVE-2022-0452

    Use after free in Safe Browsing in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.... Read more

    Affected Products : chrome edge_chromium
    • Published: Apr. 05, 2022
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2022-0451

    Dart SDK contains the HTTPClient in dart:io library whcih includes authorization headers when handling cross origin redirects. These headers may be explicitly set and contain sensitive information. By default, HttpClient handles redirection logic. If a re... Read more

    Affected Products : dart_software_development_kit
    • Published: Feb. 18, 2022
    • Modified: Nov. 21, 2024

  • 5.4

    MEDIUM
    CVE-2022-0450

    The Menu Image, Icons made easy WordPress plugin before 3.0.6 does not have authorisation and CSRF checks when saving menu settings, and does not validate, sanitise and escape them. As a result, any authenticate users, such as subscriber can update the se... Read more

    Affected Products : menu_image\,_icons_made_easy
    • Published: Mar. 28, 2022
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2022-0449

    The Flexi WordPress plugin before 4.20 does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting... Read more

    Affected Products : flexi
    • Published: Mar. 14, 2022
    • Modified: Nov. 21, 2024

  • 4.8

    MEDIUM
    CVE-2022-0448

    The CP Blocks WordPress plugin before 1.0.15 does not sanitise and escape its "License ID" settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed.... Read more

    Affected Products : cp_blocks
    • Published: Mar. 07, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 294706 Results