Chrome Security Vulnerabilities and Issues — Chrome CVE List

Lucene search

GoogleChrome

13 matches found

CVE•added 2023/12/21 11:15 p.m.•435 views

CVE-2023-7024

Heap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.9AI score0.01322EPSS

In wild

CVE•added 2023/12/06 2:15 a.m.•152 views

CVE-2023-6508

Use after free in Media Stream in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.00597EPSS

CVE•added 2023/12/14 10:15 p.m.•144 views

CVE-2023-6702

Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.4AI score0.35231EPSS

CVE•added 2023/12/14 10:15 p.m.•127 views

CVE-2023-6706

Use after free in FedCM in Google Chrome prior to 120.0.6099.109 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.7AI score0.00426EPSS

CVE•added 2023/12/14 10:15 p.m.•126 views

CVE-2023-6704

Use after free in libavif in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted image file. (Chromium security severity: High)

8.8CVSS8.8AI score0.00235EPSS

CVE•added 2023/12/06 2:15 a.m.•125 views

CVE-2023-6512

Inappropriate implementation in Web Browser UI in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially spoof the contents of an iframe dialog context menu via a crafted HTML page. (Chromium security severity: Low)

6.5CVSS6.2AI score0.00309EPSS

CVE•added 2023/12/14 10:15 p.m.•125 views

CVE-2023-6707

Use after free in CSS in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS8.8AI score0.00459EPSS

CVE•added 2023/12/06 2:15 a.m.•122 views

CVE-2023-6509

Use after free in Side Panel Search in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: High)

8.8CVSS8.8AI score0.00764EPSS

CVE•added 2023/12/06 2:15 a.m.•117 views

CVE-2023-6510

Use after free in Media Capture in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)

8.8CVSS8.8AI score0.01042EPSS

CVE•added 2023/12/14 10:15 p.m.•115 views

CVE-2023-6703

Use after free in Blink in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.00426EPSS

CVE•added 2023/12/14 10:15 p.m.•114 views

CVE-2023-6705

Use after free in WebRTC in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.00451EPSS

CVE•added 2023/12/06 2:15 a.m.•113 views

CVE-2023-6511

Inappropriate implementation in Autofill in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)

4.3CVSS4.9AI score0.00133EPSS

CVE•added 2023/12/20 4:15 p.m.•49 views

CVE-2023-3742

Insufficient policy enforcement in ADB in Google Chrome on ChromeOS prior to 114.0.5735.90 allowed a local attacker to bypass device policy restrictions via physical access to the device. (Chromium security severity: High)

6.8CVSS5.9AI score0.00008EPSS