Chrome Security Vulnerabilities and Issues — Chrome CVE List

Lucene search

GoogleChrome

13 matches found

CVE•added 2023/12/21 11:15 p.m.•378 views

CVE-2023-7024

Heap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.9AI score0.01348EPSS

CVE•added 2023/12/06 2:15 a.m.•116 views

CVE-2023-6508

Use after free in Media Stream in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.00597EPSS

CVE•added 2023/12/14 10:15 p.m.•105 views

CVE-2023-6702

Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.4AI score0.37214EPSS

CVE•added 2023/12/14 10:15 p.m.•93 views

CVE-2023-6706

Use after free in FedCM in Google Chrome prior to 120.0.6099.109 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.7AI score0.00426EPSS

CVE•added 2023/12/14 10:15 p.m.•91 views

CVE-2023-6707

Use after free in CSS in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS8.8AI score0.00446EPSS

CVE•added 2023/12/06 2:15 a.m.•90 views

CVE-2023-6512

Inappropriate implementation in Web Browser UI in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially spoof the contents of an iframe dialog context menu via a crafted HTML page. (Chromium security severity: Low)

6.5CVSS6.2AI score0.00309EPSS

CVE•added 2023/12/06 2:15 a.m.•89 views

CVE-2023-6509

Use after free in Side Panel Search in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: High)

8.8CVSS8.8AI score0.00764EPSS

CVE•added 2023/12/14 10:15 p.m.•88 views

CVE-2023-6704

Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file. (Chromium security severity: High)

8.8CVSS8.8AI score0.00338EPSS

CVE•added 2023/12/06 2:15 a.m.•84 views

CVE-2023-6510

Use after free in Media Capture in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)

8.8CVSS8.8AI score0.01042EPSS

CVE•added 2023/12/06 2:15 a.m.•79 views

CVE-2023-6511

Inappropriate implementation in Autofill in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)

4.3CVSS4.9AI score0.00133EPSS

CVE•added 2023/12/14 10:15 p.m.•79 views

CVE-2023-6703

Use after free in Blink in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.00426EPSS

CVE•added 2023/12/14 10:15 p.m.•79 views

CVE-2023-6705

Use after free in WebRTC in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.00451EPSS

CVE•added 2023/12/20 4:15 p.m.•48 views

CVE-2023-3742

Insufficient policy enforcement in ADB in Google Chrome on ChromeOS prior to 114.0.5735.90 allowed a local attacker to bypass device policy restrictions via physical access to the device. (Chromium security severity: High)

6.8CVSS5.9AI score0.00008EPSS