Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GoogleChrome

3665 matches found

CVE
CVEadded 2011/03/15 5:55 p.m.1079 views

CVE-2011-0609

Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windo...

9.3CVSS8.9AI score0.92398EPSS
In wild
CVE
CVEadded 2018/11/14 3:29 p.m.1077 views

CVE-2018-6065

Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.5AI score0.86749EPSS
In wild
CVE
CVEadded 2018/12/11 4:29 p.m.1076 views

CVE-2018-17480

Execution of user supplied Javascript during array deserialization leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

8.8CVSS8.7AI score0.27789EPSS
In wild
CVE
CVEadded 2022/02/11 11:15 p.m.1066 views

CVE-2021-4102

Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS9.1AI score0.03101EPSS
In wild
CVE
CVEadded 2021/01/08 7:15 p.m.1044 views

CVE-2020-16013

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.22883EPSS
In wild
CVE
CVEadded 2025/01/22 8:15 p.m.1039 views

CVE-2025-0611

Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.2CVSS6.3AI score0.00228EPSS
CVE
CVEadded 2021/01/14 9:15 p.m.1032 views

CVE-2020-6572

Use after free in Media in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to execute arbitrary code via a crafted HTML page.

9.3CVSS8.7AI score0.17943EPSS
In wild
CVE
CVEadded 2017/10/27 5:29 a.m.1028 views

CVE-2017-5070

Type confusion in V8 in Google Chrome prior to 59.0.3071.86 for Linux, Windows, and Mac, and 59.0.3071.92 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

8.8CVSS8.5AI score0.72453EPSS
In wild
CVE
CVEadded 2024/05/01 1:15 p.m.1027 views

CVE-2024-4368

Use after free in Dawn in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.5AI score0.00332EPSS
CVE
CVEadded 2021/01/08 7:15 p.m.1022 views

CVE-2020-16017

Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

9.6CVSS9AI score0.17653EPSS
In wild
CVE
CVEadded 2017/01/19 5:59 a.m.1014 views

CVE-2016-5198

V8 in Google Chrome prior to 54.0.2840.90 for Linux, and 54.0.2840.85 for Android, and 54.0.2840.87 for Windows and Mac included incorrect optimisation assumptions, which allowed a remote attacker to perform arbitrary read/write operations, leading to code execution, via a crafted HTML page.

8.8CVSS7.1AI score0.69403EPSS
In wild
CVE
CVEadded 2011/04/13 2:55 p.m.1008 views

CVE-2011-0611

Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x be...

9.3CVSS8.8AI score0.93698EPSS
In wild
CVE
CVEadded 2017/04/24 11:59 p.m.1008 views

CVE-2017-5030

Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page.

8.8CVSS8.2AI score0.63052EPSS
In wild
CVE
CVEadded 2016/03/29 10:59 a.m.1007 views

CVE-2016-1646

The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted ...

9.3CVSS8.7AI score0.71722EPSS
In wild
CVE
CVEadded 2023/04/19 4:15 a.m.990 views

CVE-2023-2136

Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

9.6CVSS8.2AI score0.00392EPSS
In wild
CVE
CVEadded 2025/01/15 11:15 a.m.975 views

CVE-2025-0443

Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS6.7AI score0.00329EPSS
CVE
CVEadded 2022/12/02 9:15 p.m.961 views

CVE-2022-4262

Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.6AI score0.0225EPSS
In wild
CVE
CVEadded 2025/01/15 11:15 a.m.953 views

CVE-2025-0435

Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)

6.5CVSS6.4AI score0.00063EPSS
CVE
CVEadded 2021/06/07 8:15 p.m.948 views

CVE-2021-30533

Insufficient policy enforcement in PopupBlocker in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted iframe.

6.5CVSS6.5AI score0.06446EPSS
In wild
CVE
CVEadded 2021/06/15 10:15 p.m.946 views

CVE-2021-30547

Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

8.8CVSS5.9AI score0.00734EPSS
CVE
CVEadded 2022/09/26 4:15 p.m.943 views

CVE-2022-2856

Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page.

6.5CVSS6.6AI score0.03429EPSS
In wild
CVE
CVEadded 2022/11/01 11:15 p.m.925 views

CVE-2022-3723

Type confusion in V8 in Google Chrome prior to 107.0.5304.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.6AI score0.00599EPSS
In wild
CVE
CVEadded 2023/09/28 4:15 p.m.922 views

CVE-2023-5217

Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS9.2AI score0.00999EPSS
In wild
CVE
CVEadded 2025/01/15 11:15 a.m.905 views

CVE-2025-0439

Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.4AI score0.00067EPSS
CVE
CVEadded 2021/02/22 10:15 p.m.816 views

CVE-2021-21157

Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS9AI score0.01551EPSS
CVE
CVEadded 2025/01/15 11:15 a.m.804 views

CVE-2025-0442

Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.2AI score0.00085EPSS
CVE
CVEadded 2025/05/14 6:15 p.m.793 views

CVE-2025-4664

Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

4.3CVSS6AI score0.00014EPSS
In wild
CVE
CVEadded 2020/03/12 7:15 p.m.778 views

CVE-2020-10531

An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.

8.8CVSS8.7AI score0.00538EPSS
CVE
CVEadded 2023/06/05 10:15 p.m.775 views

CVE-2023-3079

Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.6AI score0.00567EPSS
In wild
CVE
CVEadded 2023/08/23 12:15 a.m.754 views

CVE-2023-4431

Out of bounds memory access in Fonts in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

8.1CVSS7.6AI score0.00128EPSS
CVE
CVEadded 2023/01/02 11:15 p.m.750 views

CVE-2022-0337

Inappropriate implementation in File System API in Google Chrome on Windows prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page. (Chrome security severity: High)

6.5CVSS5.5AI score0.29455EPSS
CVE
CVEadded 2024/05/14 3:44 p.m.716 views

CVE-2024-4671

Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

9.6CVSS6.3AI score0.00096EPSS
In wild
CVE
CVEadded 2024/12/18 10:15 p.m.660 views

CVE-2024-12692

Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.3AI score0.00509EPSS
CVE
CVEadded 2024/05/01 1:15 p.m.648 views

CVE-2024-4058

Type confusion in ANGLE in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

9CVSS8.4AI score0.04856EPSS
CVE
CVEadded 2022/09/26 4:15 p.m.644 views

CVE-2022-3038

Use after free in Network Service in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.9AI score0.78427EPSS
In wild
CVE
CVEadded 2011/09/06 7:55 p.m.642 views

CVE-2011-3389

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP...

4.3CVSS6.5AI score0.04513EPSS
CVE
CVEadded 2019/12/10 10:15 p.m.600 views

CVE-2019-13734

Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.07091EPSS
CVE
CVEadded 2023/08/23 12:15 a.m.600 views

CVE-2023-4428

Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

8.1CVSS7.6AI score0.07638EPSS
CVE
CVEadded 2024/04/17 8:15 a.m.594 views

CVE-2024-3833

Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.2AI score0.02577EPSS
CVE
CVEadded 2025/01/29 11:15 a.m.573 views

CVE-2025-0762

Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)

8.8CVSS6.9AI score0.00256EPSS
CVE
CVEadded 2018/12/21 9:29 p.m.550 views

CVE-2018-20346

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statem...

8.1CVSS8.4AI score0.16791EPSS
CVE
CVEadded 2024/12/03 7:15 p.m.536 views

CVE-2024-12053

Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.2AI score0.00166EPSS
CVE
CVEadded 2024/05/28 3:15 p.m.535 views

CVE-2024-5274

Type Confusion in V8 in Google Chrome prior to 125.0.6422.112 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

9.6CVSS6.9AI score0.03229EPSS
In wild
CVE
CVEadded 2023/01/02 11:15 p.m.509 views

CVE-2022-0801

Inappropriate implementation in HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass XSS preventions via a crafted HTML page. (Chrome security severity: Medium)

6.1CVSS6.1AI score0.00041EPSS
CVE
CVEadded 2023/08/03 1:15 a.m.501 views

CVE-2023-4068

Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

8.1CVSS7.5AI score0.02683EPSS
CVE
CVEadded 2021/02/09 2:15 p.m.484 views

CVE-2020-16044

Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP packet.

8.8CVSS9.1AI score0.00379EPSS
In wild
CVE
CVEadded 2024/05/15 9:15 p.m.472 views

CVE-2024-4947

Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

9.6CVSS6.9AI score0.00181EPSS
In wild
CVE
CVEadded 2023/08/23 12:15 a.m.470 views

CVE-2023-4427

Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

8.1CVSS7.6AI score0.79336EPSS
CVE
CVEadded 2025/05/27 9:15 p.m.470 views

CVE-2025-5283

Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

5.4CVSS7.1AI score0.00085EPSS
CVE
CVEadded 2019/06/27 5:15 p.m.469 views

CVE-2019-5827

Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.0206EPSS
Total number of security vulnerabilities3665