Chrome Security Vulnerabilities and Issues — Chrome CVE List

Lucene search

GoogleChrome

20 matches found

CVE•added 2023/04/14 7:15 p.m.•1077 views

CVE-2023-2033

Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.9AI score0.08655EPSS

CVE•added 2023/04/19 4:15 a.m.•954 views

CVE-2023-2136

Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

9.6CVSS8.2AI score0.00392EPSS

CVE•added 2023/04/19 4:15 a.m.•153 views

CVE-2023-2133

Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.7AI score0.00614EPSS

CVE•added 2023/04/19 4:15 a.m.•153 views

CVE-2023-2137

Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS8.9AI score0.00186EPSS

CVE•added 2023/04/04 10:15 p.m.•143 views

CVE-2023-1810

Heap buffer overflow in Visuals in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.6AI score0.00794EPSS

CVE•added 2023/04/04 10:15 p.m.•138 views

CVE-2023-1811

Use after free in Frames in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.00555EPSS

CVE•added 2023/04/04 10:15 p.m.•118 views

CVE-2023-1817

Insufficient policy enforcement in Intents in Google Chrome on Android prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.2AI score0.00077EPSS

CVE•added 2023/04/04 10:15 p.m.•118 views

CVE-2023-1818

Use after free in Vulkan in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS8.8AI score0.00792EPSS

CVE•added 2023/04/04 10:15 p.m.•117 views

CVE-2023-1814

Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass download checking via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.3AI score0.00041EPSS

CVE•added 2023/04/04 10:15 p.m.•117 views

CVE-2023-1822

Incorrect security UI in Navigation in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)

6.5CVSS6.4AI score0.00407EPSS

CVE•added 2023/04/19 4:15 a.m.•114 views

CVE-2023-2135

Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

7.5CVSS8.2AI score0.00318EPSS

CVE•added 2023/04/19 4:15 a.m.•107 views

CVE-2023-2134

8.8CVSS8.7AI score0.00427EPSS

CVE•added 2023/04/04 10:15 p.m.•105 views

CVE-2023-1819

Out of bounds read in Accessibility in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.6AI score0.00186EPSS

CVE•added 2023/04/04 10:15 p.m.•104 views

CVE-2023-1816

Incorrect security UI in Picture In Picture in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially perform navigation spoofing via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.4AI score0.00286EPSS

CVE•added 2023/04/04 10:15 p.m.•100 views

CVE-2023-1815

Use after free in Networking APIs in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS8.8AI score0.00552EPSS

CVE•added 2023/04/04 10:15 p.m.•100 views

CVE-2023-1821

Inappropriate implementation in WebShare in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)

6.5CVSS6.2AI score0.00238EPSS

CVE•added 2023/04/04 10:15 p.m.•99 views

CVE-2023-1820

Heap buffer overflow in Browser History in Google Chrome prior to 112.0.5615.49 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS8.6AI score0.00659EPSS

CVE•added 2023/04/04 10:15 p.m.•93 views

CVE-2023-1812

Out of bounds memory access in DOM Bindings in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS8AI score0.00999EPSS

CVE•added 2023/04/04 10:15 p.m.•91 views

CVE-2023-1823

Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)

6.5CVSS6.3AI score0.00041EPSS

CVE•added 2023/04/04 10:15 p.m.•90 views

CVE-2023-1813

Inappropriate implementation in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS6.4AI score0.00042EPSS