Chrome Security Vulnerabilities and Issues — Chrome CVE List

Lucene search

GoogleChrome

18 matches found

CVE•added 2023/02/22 8:15 p.m.•181 views

CVE-2023-0941

Use after free in Prompts in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

8.8CVSS8.9AI score0.00207EPSS

CVE•added 2023/02/07 9:15 p.m.•169 views

CVE-2023-0705

Integer overflow in Core in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who had one a race condition to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)

7.5CVSS7.8AI score0.0023EPSS

CVE•added 2023/02/22 8:15 p.m.•168 views

CVE-2023-0931

Use after free in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.9AI score0.00101EPSS

CVE•added 2023/02/07 9:15 p.m.•165 views

CVE-2023-0696

Type confusion in V8 in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.4AI score0.00134EPSS

CVE•added 2023/02/22 8:15 p.m.•162 views

CVE-2023-0927

Use after free in Web Payments API in Google Chrome on Android prior to 110.0.5481.177 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.00228EPSS

CVE•added 2023/02/22 8:15 p.m.•160 views

CVE-2023-0933

Integer overflow in PDF in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)

8.8CVSS8.7AI score0.00261EPSS

CVE•added 2023/02/07 9:15 p.m.•153 views

CVE-2023-0698

Out of bounds read in WebRTC in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8AI score0.00154EPSS

CVE•added 2023/02/22 8:15 p.m.•144 views

CVE-2023-0929

Use after free in Vulkan in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.9AI score0.00152EPSS

CVE•added 2023/02/22 8:15 p.m.•138 views

CVE-2023-0930

Heap buffer overflow in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.0044EPSS

CVE•added 2023/02/07 9:15 p.m.•128 views

CVE-2023-0703

Type confusion in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interactions. (Chromium security severity: Medium)

8.8CVSS8.5AI score0.00208EPSS

CVE•added 2023/02/22 8:15 p.m.•128 views

CVE-2023-0928

Use after free in SwiftShader in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.9AI score0.00168EPSS

CVE•added 2023/02/22 8:15 p.m.•122 views

CVE-2023-0932

Use after free in WebRTC in Google Chrome on Windows prior to 110.0.5481.177 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.9AI score0.00309EPSS

CVE•added 2023/02/07 9:15 p.m.•118 views

CVE-2023-0699

Use after free in GPU in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page and browser shutdown. (Chromium security severity: Medium)

8.8CVSS8.8AI score0.00213EPSS

CVE•added 2023/02/07 9:15 p.m.•116 views

CVE-2023-0701

Heap buffer overflow in WebUI in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via UI interaction . (Chromium security severity: Medium)

8.8CVSS8.7AI score0.00313EPSS

CVE•added 2023/02/07 9:15 p.m.•115 views

CVE-2023-0700

Inappropriate implementation in Download in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.2AI score0.00116EPSS

CVE•added 2023/02/07 9:15 p.m.•110 views

CVE-2023-0697

Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 110.0.5481.77 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. (Chromium security severity: High)

6.5CVSS6.1AI score0.00082EPSS

CVE•added 2023/02/07 9:15 p.m.•110 views

CVE-2023-0702

Type confusion in Data Transfer in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS8.3AI score0.00146EPSS

CVE•added 2023/02/07 9:15 p.m.•99 views

CVE-2023-0704

Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to bypass same origin policy and proxy settings via a crafted HTML page. (Chromium security severity: Low)

6.5CVSS6.3AI score0.00034EPSS