Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GoogleChrome*

297 matches found

CVE
CVEadded 2023/09/12 3:15 p.m.1386 views

CVE-2023-4863

Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

8.8CVSS8.5AI score0.93991EPSS
CVE
CVEadded 2023/04/14 7:15 p.m.1065 views

CVE-2023-2033

Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.9AI score0.0714EPSS
CVE
CVEadded 2023/04/19 4:15 a.m.941 views

CVE-2023-2136

Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

9.6CVSS8.2AI score0.00289EPSS
CVE
CVEadded 2023/09/28 4:15 p.m.869 views

CVE-2023-5217

Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS9.2AI score0.01679EPSS
CVE
CVEadded 2023/01/02 11:15 p.m.747 views

CVE-2022-0337

Inappropriate implementation in File System API in Google Chrome on Windows prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page. (Chrome security severity: High)

6.5CVSS5.5AI score0.29455EPSS
CVE
CVEadded 2023/06/05 10:15 p.m.728 views

CVE-2023-3079

Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.6AI score0.00526EPSS
CVE
CVEadded 2023/08/23 12:15 a.m.728 views

CVE-2023-4431

Out of bounds memory access in Fonts in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

8.1CVSS7.6AI score0.00128EPSS
CVE
CVEadded 2023/08/23 12:15 a.m.575 views

CVE-2023-4428

Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

8.1CVSS7.6AI score0.07638EPSS
CVE
CVEadded 2023/01/02 11:15 p.m.507 views

CVE-2022-0801

Inappropriate implementation in HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass XSS preventions via a crafted HTML page. (Chrome security severity: Medium)

6.1CVSS6.1AI score0.00048EPSS
CVE
CVEadded 2023/08/03 1:15 a.m.476 views

CVE-2023-4068

Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

8.1CVSS7.5AI score0.02683EPSS
CVE
CVEadded 2023/08/23 12:15 a.m.443 views

CVE-2023-4427

Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

8.1CVSS7.6AI score0.79899EPSS
CVE
CVEadded 2023/08/03 1:15 a.m.441 views

CVE-2023-4070

Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

8.1CVSS7.5AI score0.00151EPSS
CVE
CVEadded 2023/05/30 10:15 p.m.435 views

CVE-2023-2940

Inappropriate implementation in Downloads in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.4AI score0.00022EPSS
CVE
CVEadded 2023/09/05 10:15 p.m.427 views

CVE-2023-4761

Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

8.1CVSS7.6AI score0.0024EPSS
CVE
CVEadded 2023/12/21 11:15 p.m.378 views

CVE-2023-7024

Heap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.9AI score0.01348EPSS
CVE
CVEadded 2023/09/05 10:15 p.m.374 views

CVE-2023-4764

Incorrect security UI in BFCache in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)

6.5CVSS6.2AI score0.001EPSS
CVE
CVEadded 2023/11/29 12:15 p.m.369 views

CVE-2023-6345

Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)

9.6CVSS9.2AI score0.0067EPSS
CVE
CVEadded 2023/05/30 10:15 p.m.365 views

CVE-2023-2941

Inappropriate implementation in Extensions API in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to spoof the contents of the UI via a crafted Chrome Extension. (Chromium security severity: Low)

4.3CVSS5AI score0.00083EPSS
CVE
CVEadded 2023/01/10 8:15 p.m.361 views

CVE-2023-0129

Heap buffer overflow in Network Service in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page and specific interactions. (Chromium security severity: High)

8.8CVSS8.7AI score0.00123EPSS
CVE
CVEadded 2023/03/07 10:15 p.m.343 views

CVE-2023-1234

Inappropriate implementation in Intents in Google Chrome on Android prior to 111.0.5563.64 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)

4.3CVSS4.9AI score0.00362EPSS
CVE
CVEadded 2023/09/05 10:15 p.m.340 views

CVE-2023-4762

Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.7AI score0.11497EPSS
CVE
CVEadded 2023/10/05 6:15 p.m.340 views

CVE-2023-5346

Type confusion in V8 in Google Chrome prior to 117.0.5938.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.4AI score0.0059EPSS
CVE
CVEadded 2023/08/25 7:15 p.m.336 views

CVE-2019-13689

Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform arbitrary read/write via a malicious file. (Chromium security severity: Critical)

7.8CVSS7.2AI score0.00183EPSS
CVE
CVEadded 2023/10/11 11:15 p.m.331 views

CVE-2023-5485

Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. (Chromium security severity: Low)

4.3CVSS4.9AI score0.00036EPSS
CVE
CVEadded 2023/05/30 10:15 p.m.308 views

CVE-2023-2937

Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)

4.3CVSS4.7AI score0.00128EPSS
CVE
CVEadded 2023/08/23 12:15 a.m.297 views

CVE-2023-4430

Use after free in Vulkan in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.11354EPSS
CVE
CVEadded 2023/08/03 1:15 a.m.295 views

CVE-2023-4078

Inappropriate implementation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)

8.8CVSS7.7AI score0.00156EPSS
CVE
CVEadded 2023/10/11 11:15 p.m.294 views

CVE-2023-5487

Inappropriate implementation in Fullscreen in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)

6.5CVSS6.5AI score0.00034EPSS
CVE
CVEadded 2023/08/03 1:15 a.m.290 views

CVE-2023-4076

Use after free in WebRTC in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC session. (Chromium security severity: High)

8.8CVSS8.8AI score0.00781EPSS
CVE
CVEadded 2023/05/30 10:15 p.m.289 views

CVE-2023-2938

Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)

4.3CVSS4.7AI score0.00128EPSS
CVE
CVEadded 2023/08/03 1:15 a.m.289 views

CVE-2023-4069

Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.4AI score0.02166EPSS
CVE
CVEadded 2023/08/23 12:15 a.m.289 views

CVE-2023-4429

Use after free in Loader in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.00392EPSS
CVE
CVEadded 2023/10/11 11:15 p.m.289 views

CVE-2023-5483

Inappropriate implementation in Intents in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.3AI score0.00073EPSS
CVE
CVEadded 2023/08/03 1:15 a.m.286 views

CVE-2023-4073

Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.5AI score0.00591EPSS
CVE
CVEadded 2023/01/10 8:15 p.m.284 views

CVE-2023-0131

Inappropriate implementation in in iframe Sandbox in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to bypass file download restrictions via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS5.7AI score0.00029EPSS
CVE
CVEadded 2023/05/30 10:15 p.m.284 views

CVE-2023-2939

Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. (Chromium security severity: Medium)

7.8CVSS7.6AI score0.00021EPSS
CVE
CVEadded 2023/08/03 1:15 a.m.282 views

CVE-2023-4071

Heap buffer overflow in Visuals in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.7AI score0.00496EPSS
CVE
CVEadded 2023/10/11 11:15 p.m.282 views

CVE-2023-5481

Inappropriate implementation in Downloads in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.3AI score0.00103EPSS
CVE
CVEadded 2023/08/03 1:15 a.m.281 views

CVE-2023-4075

Use after free in Cast in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.00593EPSS
CVE
CVEadded 2023/08/03 1:15 a.m.281 views

CVE-2023-4077

Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)

8.8CVSS7.7AI score0.00156EPSS
CVE
CVEadded 2023/10/11 11:15 p.m.277 views

CVE-2023-5477

Inappropriate implementation in Installer in Google Chrome prior to 118.0.5993.70 allowed a local attacker to bypass discretionary access control via a crafted command. (Chromium security severity: Low)

4.3CVSS5AI score0.00023EPSS
CVE
CVEadded 2023/08/03 1:15 a.m.276 views

CVE-2023-4074

Use after free in Blink Task Scheduling in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.00437EPSS
CVE
CVEadded 2023/08/03 1:15 a.m.274 views

CVE-2023-4072

Out of bounds read and write in WebGL in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.4AI score0.00424EPSS
CVE
CVEadded 2023/10/11 11:15 p.m.256 views

CVE-2023-5479

Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.4AI score0.00033EPSS
CVE
CVEadded 2023/11/08 8:15 p.m.247 views

CVE-2023-5996

Use after free in WebAudio in Google Chrome prior to 119.0.6045.123 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.00343EPSS
CVE
CVEadded 2023/10/11 11:15 p.m.244 views

CVE-2023-5478

Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

4.3CVSS4.8AI score0.00104EPSS
CVE
CVEadded 2023/10/11 11:15 p.m.242 views

CVE-2023-5475

Inappropriate implementation in DevTools in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted Chrome Extension. (Chromium security severity: Medium)

6.5CVSS6.5AI score0.00029EPSS
CVE
CVEadded 2023/01/30 9:15 a.m.231 views

CVE-2023-0472

Use after free in WebRTC in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.0018EPSS
CVE
CVEadded 2023/03/21 9:15 p.m.230 views

CVE-2023-1529

Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device. (Chromium security severity: High)

9.8CVSS9.2AI score0.00279EPSS
CVE
CVEadded 2023/03/07 10:15 p.m.228 views

CVE-2023-1232

Insufficient policy enforcement in Resource Timing in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to obtain potentially sensitive information from API via a crafted HTML page. (Chromium security severity: Low)

4.3CVSS4.7AI score0.00062EPSS
Total number of security vulnerabilities297