Lucene search

K
GoogleChrome

3662 matches found

CVE
CVE
added 2022/08/12 8:15 p.m.333 views

CVE-2022-2603

Use after free in Omnibox in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.00419EPSS
CVE
CVE
added 2025/06/24 8:15 p.m.332 views

CVE-2025-6555

Use after free in Animation in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

5.4CVSS7.3AI score0.00045EPSS
CVE
CVE
added 2019/12/10 10:15 p.m.329 views

CVE-2019-13750

Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a crafted HTML page.

6.5CVSS6.3AI score0.00159EPSS
CVE
CVE
added 2020/01/03 11:15 p.m.329 views

CVE-2019-5845

Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.5CVSS7AI score0.00966EPSS
CVE
CVE
added 2021/06/04 6:15 p.m.329 views

CVE-2021-30517

Type confusion in V8 in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.4AI score0.14196EPSS
CVE
CVE
added 2019/05/23 8:29 p.m.327 views

CVE-2019-5789

An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.

9.3CVSS8.5AI score0.39945EPSS
CVE
CVE
added 2020/02/11 3:15 p.m.327 views

CVE-2020-6405

Out of bounds read in SQLite in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.5CVSS6.3AI score0.00691EPSS
CVE
CVE
added 2024/04/06 3:15 p.m.327 views

CVE-2024-3158

Use after free in Bookmarks in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.0087EPSS
CVE
CVE
added 2018/12/11 4:29 p.m.326 views

CVE-2018-18335

Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.7AI score0.01839EPSS
CVE
CVE
added 2024/09/03 11:15 p.m.326 views

CVE-2024-8362

Use after free in WebAudio in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.1AI score0.00142EPSS
CVE
CVE
added 2024/11/19 8:15 p.m.325 views

CVE-2024-11395

Type Confusion in V8 in Google Chrome prior to 131.0.6778.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.6AI score0.00322EPSS
CVE
CVE
added 2024/06/20 12:15 a.m.324 views

CVE-2024-6100

Type Confusion in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.2AI score0.00287EPSS
CVE
CVE
added 2024/03/06 7:15 p.m.322 views

CVE-2024-2173

Out of bounds memory access in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.6AI score0.00091EPSS
CVE
CVE
added 2019/05/23 8:29 p.m.321 views

CVE-2019-5788

An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.

9.3CVSS8.4AI score0.465EPSS
CVE
CVE
added 2024/09/17 9:15 p.m.321 views

CVE-2024-8904

Type Confusion in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.6AI score0.00167EPSS
CVE
CVE
added 2020/07/22 5:15 p.m.320 views

CVE-2020-6519

Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page.

6.5CVSS6.7AI score0.29231EPSS
CVE
CVE
added 2024/03/06 7:15 p.m.319 views

CVE-2024-2174

Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS5.7AI score0.00123EPSS
CVE
CVE
added 2024/04/06 3:15 p.m.317 views

CVE-2024-3156

Inappropriate implementation in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8AI score0.01279EPSS
CVE
CVE
added 2023/05/30 10:15 p.m.315 views

CVE-2023-2937

Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)

4.3CVSS4.7AI score0.00128EPSS
CVE
CVE
added 2025/01/15 11:15 a.m.315 views

CVE-2025-0434

Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.9AI score0.00149EPSS
CVE
CVE
added 2025/06/03 12:15 a.m.315 views

CVE-2025-5419

Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.7AI score0.01024EPSS
In wild
CVE
CVE
added 2019/06/27 5:15 p.m.314 views

CVE-2019-5831

Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.4AI score0.02152EPSS
CVE
CVE
added 2024/05/22 4:15 p.m.314 views

CVE-2024-5158

Type Confusion in V8 in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to potentially perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

8.8CVSS5.8AI score0.00113EPSS
CVE
CVE
added 2021/08/03 7:15 p.m.313 views

CVE-2021-30561

Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.4AI score0.00416EPSS
Web
CVE
CVE
added 2020/02/11 3:15 p.m.312 views

CVE-2020-6404

Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS7.7AI score0.01744EPSS
Web
CVE
CVE
added 2024/04/17 8:15 a.m.312 views

CVE-2024-3837

Use after free in QUIC in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS6.4AI score0.00516EPSS
CVE
CVE
added 2024/12/12 1:40 a.m.310 views

CVE-2024-12381

Type Confusion in V8 in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.2AI score0.00401EPSS
CVE
CVE
added 2019/05/23 8:29 p.m.308 views

CVE-2019-5796

Data race in extensions guest view in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

7.5CVSS7.6AI score0.0737EPSS
CVE
CVE
added 2024/04/17 8:15 a.m.307 views

CVE-2024-3847

Insufficient policy enforcement in WebUI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)

9.8CVSS5.4AI score0.00067EPSS
CVE
CVE
added 2015/07/23 12:59 a.m.305 views

CVE-2015-1283

Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a relate...

6.8CVSS8.4AI score0.05642EPSS
CVE
CVE
added 2020/01/10 10:15 p.m.305 views

CVE-2020-6377

Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.02899EPSS
CVE
CVE
added 2019/05/23 8:29 p.m.304 views

CVE-2019-5791

Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

8.8CVSS8AI score0.0197EPSS
CVE
CVE
added 2019/06/27 5:15 p.m.304 views

CVE-2019-5808

Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.0261EPSS
CVE
CVE
added 2023/08/03 1:15 a.m.304 views

CVE-2023-4078

Inappropriate implementation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)

8.8CVSS7.7AI score0.00156EPSS
CVE
CVE
added 2023/08/23 12:15 a.m.304 views

CVE-2023-4430

Use after free in Vulkan in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.11354EPSS
CVE
CVE
added 2019/05/23 8:29 p.m.303 views

CVE-2019-5794

Incorrect handling of cancelled requests in Navigation in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

6.5CVSS6.4AI score0.00223EPSS
CVE
CVE
added 2019/06/27 5:15 p.m.303 views

CVE-2019-5821

Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

8.8CVSS8.5AI score0.01749EPSS
CVE
CVE
added 2022/07/21 11:15 p.m.303 views

CVE-2022-0971

Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.9AI score0.00425EPSS
CVE
CVE
added 2024/05/15 9:15 p.m.303 views

CVE-2024-4950

Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

6.5CVSS5.5AI score0.00091EPSS
CVE
CVE
added 2024/08/01 6:15 p.m.303 views

CVE-2024-6990

Uninitialized Use in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)

8.8CVSS6.3AI score0.00179EPSS
CVE
CVE
added 2024/05/15 9:15 p.m.302 views

CVE-2024-4948

Use after free in Dawn in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.5AI score0.00188EPSS
CVE
CVE
added 2024/09/03 11:15 p.m.302 views

CVE-2024-7970

Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.7AI score0.00154EPSS
CVE
CVE
added 2019/06/27 5:15 p.m.301 views

CVE-2019-5810

Information leak in autofill in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.5CVSS6.1AI score0.00487EPSS
CVE
CVE
added 2022/07/28 1:15 a.m.301 views

CVE-2022-2010

Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

9.3CVSS8.7AI score0.00509EPSS
CVE
CVE
added 2023/10/11 11:15 p.m.301 views

CVE-2023-5487

Inappropriate implementation in Fullscreen in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)

6.5CVSS6.5AI score0.00034EPSS
CVE
CVE
added 2019/05/23 8:29 p.m.299 views

CVE-2019-5790

An integer overflow leading to an incorrect capacity of a buffer in JavaScript in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

8.8CVSS8.7AI score0.03543EPSS
CVE
CVE
added 2021/01/08 7:15 p.m.299 views

CVE-2020-16027

Insufficient policy enforcement in developer tools in Google Chrome prior to 87.0.4280.66 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from the user's disk via a crafted Chrome Extension.

6.5CVSS6.5AI score0.00129EPSS
In wild
CVE
CVE
added 2024/04/17 8:15 a.m.299 views

CVE-2024-3844

Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)

4.3CVSS5.6AI score0.00563EPSS
CVE
CVE
added 2019/05/23 8:29 p.m.298 views

CVE-2019-5793

Insufficient policy enforcement in extensions in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to initiate the extensions installation user interface via a crafted HTML page.

6.5CVSS6.3AI score0.00317EPSS
CVE
CVE
added 2024/11/06 5:15 p.m.298 views

CVE-2024-10827

Use after free in Serial in Google Chrome prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.7AI score0.0057EPSS
Total number of security vulnerabilities3662