Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Chrome Security Vulnerabilities - 2023

cve
cve

CVE-2023-5473

Use after free in Cast in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)

6.3CVSS

7.2AI Score

0.002EPSS

2023-10-11 11:15 PM
127
cve
cve

CVE-2023-5474

Heap buffer overflow in PDF in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)

8.8CVSS

8.6AI Score

0.002EPSS

2023-10-11 11:15 PM
122
cve
cve

CVE-2023-5475

Inappropriate implementation in DevTools in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted Chrome Extension. (Chromium security severity: Medium)

6.5CVSS

6.5AI Score

0.001EPSS

2023-10-11 11:15 PM
213
cve
cve

CVE-2023-5476

Use after free in Blink History in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS

8.8AI Score

0.002EPSS

2023-10-11 11:15 PM
123
cve
cve

CVE-2023-5477

Inappropriate implementation in Installer in Google Chrome prior to 118.0.5993.70 allowed a local attacker to bypass discretionary access control via a crafted command. (Chromium security severity: Low)

4.3CVSS

5AI Score

0.001EPSS

2023-10-11 11:15 PM
249
cve
cve

CVE-2023-5478

Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

4.3CVSS

4.8AI Score

0.001EPSS

2023-10-11 11:15 PM
207
cve
cve

CVE-2023-5479

Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS

6.4AI Score

0.001EPSS

2023-10-11 11:15 PM
226
cve
cve

CVE-2023-5480

Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS preventions via a malicious file. (Chromium security severity: High)

6.1CVSS

6.1AI Score

0.001EPSS

2023-11-01 06:15 PM
149
cve
cve

CVE-2023-5481

Inappropriate implementation in Downloads in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS

6.3AI Score

0.001EPSS

2023-10-11 11:15 PM
247
cve
cve

CVE-2023-5482

Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

8.8CVSS

7.9AI Score

0.001EPSS

2023-11-01 06:15 PM
127
cve
cve

CVE-2023-5483

Inappropriate implementation in Intents in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS

6.3AI Score

0.001EPSS

2023-10-11 11:15 PM
247
cve
cve

CVE-2023-5484

Inappropriate implementation in Navigation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS

6.3AI Score

0.002EPSS

2023-10-11 11:15 PM
182
cve
cve

CVE-2023-5485

Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. (Chromium security severity: Low)

4.3CVSS

4.9AI Score

0.001EPSS

2023-10-11 11:15 PM
289
cve
cve

CVE-2023-5486

Inappropriate implementation in Input in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)

4.3CVSS

4.9AI Score

0.001EPSS

2023-10-11 11:15 PM
180
cve
cve

CVE-2023-5487

Inappropriate implementation in Fullscreen in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)

6.5CVSS

6.5AI Score

0.001EPSS

2023-10-11 11:15 PM
261
cve
cve

CVE-2023-5849

Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS

8.5AI Score

0.002EPSS

2023-11-01 06:15 PM
124
cve
cve

CVE-2023-5850

Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)

4.3CVSS

5.1AI Score

0.001EPSS

2023-11-01 06:15 PM
123
cve
cve

CVE-2023-5851

Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

4.3CVSS

4.9AI Score

0.001EPSS

2023-11-01 06:15 PM
117
cve
cve

CVE-2023-5852

Use after free in Printing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

8.8CVSS

8.9AI Score

0.002EPSS

2023-11-01 06:15 PM
120
cve
cve

CVE-2023-5853

Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

4.3CVSS

5AI Score

0.002EPSS

2023-11-01 06:15 PM
131
cve
cve

CVE-2023-5854

Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

8.8CVSS

8.9AI Score

0.002EPSS

2023-11-01 06:15 PM
118
cve
cve

CVE-2023-5855

Use after free in Reading Mode in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

8.8CVSS

8.9AI Score

0.002EPSS

2023-11-01 06:15 PM
124
cve
cve

CVE-2023-5856

Use after free in Side Panel in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS

8.8AI Score

0.002EPSS

2023-11-01 06:15 PM
138
cve
cve

CVE-2023-5857

Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially execute arbitrary code via a malicious file. (Chromium security severity: Medium)

8.8CVSS

8.4AI Score

0.005EPSS

2023-11-01 06:15 PM
131
cve
cve

CVE-2023-5858

Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)

4.3CVSS

4.9AI Score

0.002EPSS

2023-11-01 06:15 PM
131
cve
cve

CVE-2023-5859

Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. (Chromium security severity: Low)

4.3CVSS

4.9AI Score

0.002EPSS

2023-11-01 06:15 PM
131
cve
cve

CVE-2023-5996

Use after free in WebAudio in Google Chrome prior to 119.0.6045.123 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS

8.8AI Score

0.002EPSS

2023-11-08 08:15 PM
194
cve
cve

CVE-2023-5997

Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS

8.8AI Score

0.002EPSS

2023-11-15 06:15 PM
75
cve
cve

CVE-2023-6112

Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS

8.8AI Score

0.002EPSS

2023-11-15 06:15 PM
87
cve
cve

CVE-2023-6345

Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)

9.6CVSS

9.2AI Score

0.099EPSS

2023-11-29 12:15 PM
217
In Wild
cve
cve

CVE-2023-6346

Use after free in WebAudio in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS

9AI Score

0.002EPSS

2023-11-29 12:15 PM
48
cve
cve

CVE-2023-6347

Use after free in Mojo in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS

9AI Score

0.002EPSS

2023-11-29 12:15 PM
57
cve
cve

CVE-2023-6348

Type Confusion in Spellcheck in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS

8.6AI Score

0.002EPSS

2023-11-29 12:15 PM
46
cve
cve

CVE-2023-6350

Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High)

8.8CVSS

9AI Score

0.002EPSS

2023-11-29 12:15 PM
54
cve
cve

CVE-2023-6351

Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High)

8.8CVSS

9AI Score

0.002EPSS

2023-11-29 12:15 PM
48
cve
cve

CVE-2023-6508

Use after free in Media Stream in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS

8.8AI Score

0.002EPSS

2023-12-06 02:15 AM
80
cve
cve

CVE-2023-6509

Use after free in Side Panel Search in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: High)

8.8CVSS

8.8AI Score

0.002EPSS

2023-12-06 02:15 AM
58
cve
cve

CVE-2023-6510

Use after free in Media Capture in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)

8.8CVSS

8.8AI Score

0.002EPSS

2023-12-06 02:15 AM
47
cve
cve

CVE-2023-6511

Inappropriate implementation in Autofill in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)

4.3CVSS

4.9AI Score

0.001EPSS

2023-12-06 02:15 AM
50
cve
cve

CVE-2023-6512

Inappropriate implementation in Web Browser UI in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially spoof the contents of an iframe dialog context menu via a crafted HTML page. (Chromium security severity: Low)

6.5CVSS

6.2AI Score

0.001EPSS

2023-12-06 02:15 AM
51
cve
cve

CVE-2023-6702

Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS

8.4AI Score

0.001EPSS

2023-12-14 10:15 PM
57
cve
cve

CVE-2023-6703

Use after free in Blink in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS

8.8AI Score

0.001EPSS

2023-12-14 10:15 PM
44
cve
cve

CVE-2023-6704

Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file. (Chromium security severity: High)

8.8CVSS

8.8AI Score

0.001EPSS

2023-12-14 10:15 PM
48
cve
cve

CVE-2023-6705

Use after free in WebRTC in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS

8.8AI Score

0.001EPSS

2023-12-14 10:15 PM
43
cve
cve

CVE-2023-6706

Use after free in FedCM in Google Chrome prior to 120.0.6099.109 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS

8.7AI Score

0.001EPSS

2023-12-14 10:15 PM
66
cve
cve

CVE-2023-6707

Use after free in CSS in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS

8.8AI Score

0.001EPSS

2023-12-14 10:15 PM
53
cve
cve

CVE-2023-7024

Heap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS

8.9AI Score

0.007EPSS

2023-12-21 11:15 PM
225
In Wild
Total number of security vulnerabilities297