Lucene search

K

3596 matches found

CVE
CVE
added 2024/06/20 12:15 a.m.245 views

CVE-2024-6101

Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.3AI score0.00546EPSS
CVE
CVE
added 2024/09/11 2:15 p.m.245 views

CVE-2024-8636

Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.1AI score0.00185EPSS
CVE
CVE
added 2019/12/10 10:15 p.m.244 views

CVE-2019-13749

Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0.3945.79 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

6.5CVSS6.1AI score0.01851EPSS
CVE
CVE
added 2019/11/25 3:15 p.m.244 views

CVE-2019-5862

Insufficient data validation in AppCache in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.

6.5CVSS6.5AI score0.00096EPSS
CVE
CVE
added 2020/05/21 4:15 a.m.244 views

CVE-2020-6468

Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.6AI score0.42466EPSS
CVE
CVE
added 2022/07/26 10:15 p.m.244 views

CVE-2022-1479

Use after free in ANGLE in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.00419EPSS
CVE
CVE
added 2022/07/28 1:15 a.m.244 views

CVE-2022-2008

Double free in WebGL in Google Chrome prior to 102.0.5005.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.7AI score0.00339EPSS
CVE
CVE
added 2023/10/11 11:15 p.m.244 views

CVE-2023-5478

Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

4.3CVSS4.8AI score0.00104EPSS
CVE
CVE
added 2024/05/30 11:15 p.m.244 views

CVE-2024-5493

Heap buffer overflow in WebRTC in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.6AI score0.00481EPSS
CVE
CVE
added 2024/08/21 9:15 p.m.244 views

CVE-2024-7969

Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.5AI score0.0019EPSS
CVE
CVE
added 2019/11/25 3:15 p.m.243 views

CVE-2019-13706

Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

7.8CVSS7.8AI score0.00374EPSS
CVE
CVE
added 2019/06/27 5:15 p.m.243 views

CVE-2019-5840

Incorrect security UI in popup blocker in Google Chrome on iOS prior to 75.0.3770.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

4.3CVSS4.9AI score0.00616EPSS
CVE
CVE
added 2021/03/16 3:15 p.m.243 views

CVE-2021-21191

Use after free in WebRTC in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.00987EPSS
CVE
CVE
added 2022/04/05 1:15 a.m.243 views

CVE-2022-0807

Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

6.5CVSS6.5AI score0.00071EPSS
CVE
CVE
added 2022/07/28 2:15 a.m.243 views

CVE-2022-2477

Use after free in Guest View in Google Chrome prior to 103.0.5060.134 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.00154EPSS
CVE
CVE
added 2022/08/12 8:15 p.m.243 views

CVE-2022-2623

Use after free in Offline in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via specific UI interactions.

8.8CVSS8.8AI score0.00425EPSS
CVE
CVE
added 2024/05/15 9:15 p.m.243 views

CVE-2024-4949

Use after free in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

9.6CVSS6.5AI score0.00188EPSS
CVE
CVE
added 2024/11/27 6:15 p.m.243 views

CVE-2024-7025

Integer overflow in Layout in Google Chrome prior to 129.0.6668.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.7AI score0.00236EPSS
CVE
CVE
added 2019/06/27 5:15 p.m.242 views

CVE-2019-5837

Resource size information leakage in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5CVSS6.2AI score0.01133EPSS
CVE
CVE
added 2022/07/26 10:15 p.m.242 views

CVE-2022-1482

Inappropriate implementation in WebGL in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.5CVSS6.8AI score0.00155EPSS
CVE
CVE
added 2022/07/27 10:15 p.m.242 views

CVE-2022-1863

Use after free in Tab Groups in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension and specific user interaction.

8.8CVSS9.1AI score0.00114EPSS
CVE
CVE
added 2023/10/11 11:15 p.m.242 views

CVE-2023-5475

Inappropriate implementation in DevTools in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted Chrome Extension. (Chromium security severity: Medium)

6.5CVSS6.5AI score0.00029EPSS
CVE
CVE
added 2024/08/01 6:15 p.m.242 views

CVE-2024-7255

Out of bounds read in WebTransport in Google Chrome prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.2AI score0.00195EPSS
CVE
CVE
added 2025/01/15 11:15 a.m.242 views

CVE-2025-0441

Inappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially sensitive information from the system via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS5.9AI score0.00098EPSS
CVE
CVE
added 2019/11/25 3:15 p.m.241 views

CVE-2019-13699

Use after free in media in Google Chrome prior to 78.0.3904.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.01004EPSS
CVE
CVE
added 2019/12/10 10:15 p.m.241 views

CVE-2019-13757

Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

4.3CVSS5.1AI score0.01851EPSS
CVE
CVE
added 2019/02/19 5:29 p.m.241 views

CVE-2019-5766

Incorrect handling of origin taint checking in Canvas in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5CVSS5.6AI score0.00877EPSS
CVE
CVE
added 2019/02/19 5:29 p.m.241 views

CVE-2019-5769

Incorrect handling of invalid end character position when front rendering in Blink in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS6.2AI score0.01655EPSS
CVE
CVE
added 2019/02/19 5:29 p.m.241 views

CVE-2019-5778

A missing case for handling special schemes in permission request checks in Extensions in Google Chrome prior to 72.0.3626.81 allowed an attacker who convinced a user to install a malicious extension to bypass extension permission checks for privileged pages via a crafted Chrome Extension.

6.5CVSS5.9AI score0.00493EPSS
CVE
CVE
added 2019/11/25 3:15 p.m.241 views

CVE-2019-5867

Out of bounds read in JavaScript in Google Chrome prior to 76.0.3809.100 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.5CVSS6.2AI score0.00271EPSS
CVE
CVE
added 2019/11/25 3:15 p.m.241 views

CVE-2019-5868

Use after free in PDFium in Google Chrome prior to 76.0.3809.100 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

5.5CVSS6AI score0.00134EPSS
CVE
CVE
added 2020/02/11 3:15 p.m.241 views

CVE-2020-6412

Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

5.8CVSS5.8AI score0.00574EPSS
CVE
CVE
added 2021/06/04 6:15 p.m.241 views

CVE-2021-30510

Use after free in Aura in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.8AI score0.00605EPSS
CVE
CVE
added 2024/11/06 5:15 p.m.241 views

CVE-2024-10826

Use after free in Family Experiences in Google Chrome on Android prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.7AI score0.00224EPSS
CVE
CVE
added 2024/06/11 9:15 p.m.241 views

CVE-2024-5832

Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.3AI score0.00256EPSS
CVE
CVE
added 2024/07/16 10:15 p.m.241 views

CVE-2024-6773

Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.2AI score0.0026EPSS
CVE
CVE
added 2024/09/17 9:15 p.m.241 views

CVE-2024-8905

Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS6.5AI score0.00167EPSS
CVE
CVE
added 2025/02/04 7:15 p.m.241 views

CVE-2025-0451

Inappropriate implementation in Extensions API in Google Chrome prior to 133.0.6943.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Medium)

6.3CVSS6.4AI score0.00217EPSS
CVE
CVE
added 2019/11/25 3:15 p.m.240 views

CVE-2019-13702

Inappropriate implementation in installer in Google Chrome on Windows prior to 78.0.3904.70 allowed a local attacker to perform privilege escalation via a crafted executable.

7.8CVSS7.5AI score0.00185EPSS
CVE
CVE
added 2019/02/19 5:29 p.m.240 views

CVE-2019-5775

Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.

6.5CVSS5.6AI score0.00852EPSS
CVE
CVE
added 2022/04/05 1:15 a.m.240 views

CVE-2022-0789

Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8CVSS8.9AI score0.00727EPSS
CVE
CVE
added 2024/12/18 10:15 p.m.240 views

CVE-2024-12694

Use after free in Compositing in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.8AI score0.00136EPSS
CVE
CVE
added 2024/05/30 11:15 p.m.240 views

CVE-2024-5496

Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.4AI score0.00726EPSS
CVE
CVE
added 2024/06/11 9:15 p.m.240 views

CVE-2024-5833

Type Confusion in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.6AI score0.00196EPSS
CVE
CVE
added 2024/06/11 9:15 p.m.240 views

CVE-2024-5839

Inappropriate Implementation in Memory Allocator in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS6.8AI score0.001EPSS
CVE
CVE
added 2024/06/11 9:15 p.m.240 views

CVE-2024-5845

Use after free in Audio in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)

8.8CVSS7.4AI score0.00256EPSS
CVE
CVE
added 2024/08/01 6:15 p.m.240 views

CVE-2024-7256

Insufficient data validation in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.1AI score0.0031EPSS
CVE
CVE
added 2024/08/06 9:16 p.m.240 views

CVE-2024-7535

Inappropriate implementation in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.6AI score0.00222EPSS
CVE
CVE
added 2025/05/05 6:15 p.m.240 views

CVE-2025-4052

Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Low)

9.8CVSS5.9AI score0.00047EPSS
CVE
CVE
added 2019/12/10 10:15 p.m.239 views

CVE-2019-13726

Buffer overflow in password manager in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to execute arbitrary code via a crafted HTML page.

8.8CVSS8.6AI score0.074EPSS
Total number of security vulnerabilities3596