Chrome Security Vulnerabilities and Issues — Page 6 of Chrome CVE List

Lucene search

GoogleChrome

3667 matches found

CVE•added 2021/01/08 7:15 p.m.•297 views

CVE-2020-16042

Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.5CVSS6.7AI score0.00396EPSS

CVE•added 2020/04/13 6:15 p.m.•297 views

CVE-2020-6423

Use after free in audio in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.01896EPSS

CVE•added 2020/04/13 6:15 p.m.•296 views

CVE-2020-6434

Use after free in devtools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.01485EPSS

CVE•added 2019/06/27 5:15 p.m.•295 views

CVE-2019-5830

Insufficient policy enforcement in CORS in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5CVSS6.2AI score0.00871EPSS

CVE•added 2019/06/27 5:15 p.m.•295 views

CVE-2019-5833

Incorrect dialog box scoping in browser in Google Chrome on Android prior to 75.0.3770.80 allowed a remote attacker to display misleading security UI via a crafted HTML page.

4.3CVSS4.9AI score0.0078EPSS

CVE•added 2023/08/03 1:15 a.m.•295 views

CVE-2023-4072

Out of bounds read and write in WebGL in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.4AI score0.00424EPSS

CVE•added 2024/05/30 11:15 p.m.•295 views

CVE-2024-5495

Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.5AI score0.00297EPSS

CVE•added 2025/01/22 8:15 p.m.•295 views

CVE-2025-0612

Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

7.5CVSS6.8AI score0.00217EPSS

CVE•added 2020/01/03 11:15 p.m.•294 views

CVE-2019-5844

Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.5CVSS7AI score0.00966EPSS

CVE•added 2020/04/13 6:15 p.m.•294 views

CVE-2020-6430

Type Confusion in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.3AI score0.01896EPSS

CVE•added 2020/04/13 6:15 p.m.•294 views

CVE-2020-6443

Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to execute arbitrary code via a crafted HTML page.

8.8CVSS8.2AI score0.01339EPSS

CVE•added 2020/05/21 4:15 a.m.•294 views

CVE-2020-6489

Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had convinced the user to take certain actions in developer tools to obtain potentially sensitive information from disk via a crafted HTML page.

4.3CVSS4.8AI score0.01041EPSS

CVE•added 2020/07/22 5:15 p.m.•294 views

CVE-2020-6524

Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9.3CVSS8.9AI score0.03228EPSS

CVE•added 2024/08/01 6:15 p.m.•294 views

CVE-2024-7255

Out of bounds read in WebTransport in Google Chrome prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.2AI score0.00549EPSS

CVE•added 2024/09/11 2:15 p.m.•294 views

CVE-2024-8636

Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.1AI score0.00201EPSS

CVE•added 2019/05/23 8:29 p.m.•293 views

CVE-2019-5787

Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9.3CVSS8.4AI score0.01576EPSS

CVE•added 2024/05/15 9:15 p.m.•293 views

CVE-2024-4949

Use after free in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

9.6CVSS6.5AI score0.00188EPSS

CVE•added 2024/05/30 11:15 p.m.•293 views

CVE-2024-5493

Heap buffer overflow in WebRTC in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.6AI score0.00481EPSS

CVE•added 2025/06/24 8:15 p.m.•293 views

CVE-2025-6557

Insufficient data validation in DevTools in Google Chrome on Windows prior to 138.0.7204.49 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)

5.4CVSS7.5AI score0.00066EPSS

CVE•added 2019/05/23 8:29 p.m.•292 views

CVE-2019-5795

Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file.

8.8CVSS8.2AI score0.0065EPSS

CVE•added 2019/06/27 5:15 p.m.•292 views

CVE-2019-5829

Integer overflow in download manager in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

8.8CVSS8.2AI score0.02152EPSS

CVE•added 2019/06/27 5:15 p.m.•292 views

CVE-2019-5836

Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.02036EPSS

CVE•added 2020/03/23 4:15 p.m.•292 views

CVE-2020-6425

Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.149 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted Chrome Extension.

5.8CVSS5.8AI score0.00492EPSS

CVE•added 2020/04/13 6:15 p.m.•292 views

CVE-2020-6444

Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8CVSS6.7AI score0.01386EPSS

CVE•added 2024/06/11 9:15 p.m.•292 views

CVE-2024-5832

Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.3AI score0.00256EPSS

CVE•added 2024/06/11 9:15 p.m.•292 views

CVE-2024-5834

Inappropriate implementation in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.5AI score0.00649EPSS

CVE•added 2024/06/20 12:15 a.m.•292 views

CVE-2024-6101

Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.3AI score0.00346EPSS

CVE•added 2024/08/21 9:15 p.m.•292 views

CVE-2024-7969

Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.5AI score0.0019EPSS

CVE•added 2019/06/27 5:15 p.m.•291 views

CVE-2019-5832

Insufficient policy enforcement in XMLHttpRequest in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5CVSS6.2AI score0.01133EPSS

CVE•added 2019/06/27 5:15 p.m.•291 views

CVE-2019-5839

Excessive data validation in URL parser in Google Chrome prior to 75.0.3770.80 allowed a remote attacker who convinced a user to input a URL to bypass website URL validation via a crafted URL.

4.3CVSS5AI score0.01034EPSS

CVE•added 2020/01/03 11:15 p.m.•291 views

CVE-2019-5846

Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.5CVSS7AI score0.00966EPSS

CVE•added 2020/04/13 6:15 p.m.•291 views

CVE-2020-6455

Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.4AI score0.01242EPSS

CVE•added 2024/11/06 5:15 p.m.•291 views

CVE-2024-10826

Use after free in Family Experiences in Google Chrome on Android prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.7AI score0.00237EPSS

CVE•added 2024/12/18 10:15 p.m.•291 views

CVE-2024-12695

Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.2AI score0.00828EPSS

CVE•added 2024/06/11 9:15 p.m.•291 views

CVE-2024-5833

Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.6AI score0.00196EPSS

CVE•added 2024/06/11 9:15 p.m.•290 views

CVE-2024-5839

Inappropriate Implementation in Memory Allocator in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS6.8AI score0.001EPSS

CVE•added 2024/06/11 9:15 p.m.•290 views

CVE-2024-5840

Policy bypass in CORS in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.4AI score0.00057EPSS

CVE•added 2024/09/17 9:15 p.m.•290 views

CVE-2024-8905

Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS6.5AI score0.00167EPSS

CVE•added 2025/01/15 11:15 a.m.•290 views

CVE-2025-0441

Inappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially sensitive information from the system via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS5.9AI score0.00091EPSS

CVE•added 2020/04/13 6:15 p.m.•289 views

CVE-2020-6451

Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.00795EPSS

CVE•added 2020/07/22 5:15 p.m.•289 views

CVE-2020-6525

Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.9AI score0.01613EPSS

CVE•added 2024/06/11 9:15 p.m.•289 views

CVE-2024-5838

Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.6AI score0.00196EPSS

CVE•added 2024/06/11 9:15 p.m.•289 views

CVE-2024-5844

Heap buffer overflow in Tab Strip in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS7.2AI score0.00316EPSS

CVE•added 2024/07/16 10:15 p.m.•289 views

CVE-2024-6773

Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.2AI score0.00401EPSS

CVE•added 2024/08/06 9:16 p.m.•289 views

CVE-2024-7535

Inappropriate implementation in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.6AI score0.00222EPSS

CVE•added 2025/02/04 7:15 p.m.•289 views

CVE-2025-0451

Inappropriate implementation in Extensions API in Google Chrome prior to 133.0.6943.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Medium)

6.3CVSS6.4AI score0.00206EPSS

CVE•added 2014/09/25 5:55 p.m.•288 views

CVE-2014-1568

Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1...

7.5CVSS5.3AI score0.41418EPSS

CVE•added 2023/01/10 8:15 p.m.•288 views

CVE-2023-0131

Inappropriate implementation in in iframe Sandbox in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to bypass file download restrictions via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS5.7AI score0.00029EPSS

CVE•added 2024/05/30 11:15 p.m.•288 views

CVE-2024-5496

Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.4AI score0.00726EPSS

CVE•added 2024/06/11 9:15 p.m.•288 views

CVE-2024-5846

Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)

8.8CVSS7.4AI score0.00256EPSS

Total number of security vulnerabilities3667