Chrome Security Vulnerabilities and Issues — Chrome CVE List

Lucene search

GoogleChrome

25 matches found

CVE•added 2024/05/22 4:15 p.m.•3740 views

CVE-2024-5157

Use after free in Scheduling in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.4AI score0.00724EPSS

CVE•added 2024/05/01 1:15 p.m.•3610 views

CVE-2024-4059

Out of bounds read in V8 API in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to leak cross-site data via a crafted HTML page. (Chromium security severity: High)

6.5CVSS5.3AI score0.00104EPSS

CVE•added 2024/05/01 1:15 p.m.•982 views

CVE-2024-4368

Use after free in Dawn in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.5AI score0.00332EPSS

CVE•added 2024/05/14 3:44 p.m.•675 views

CVE-2024-4671

Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

9.6CVSS6.3AI score0.00373EPSS

CVE•added 2024/05/01 1:15 p.m.•604 views

CVE-2024-4058

Type confusion in ANGLE in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

9CVSS8.4AI score0.0582EPSS

CVE•added 2024/05/28 3:15 p.m.•490 views

CVE-2024-5274

Type Confusion in V8 in Google Chrome prior to 125.0.6422.112 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

9.6CVSS6.9AI score0.03229EPSS

CVE•added 2024/05/15 9:15 p.m.•427 views

CVE-2024-4947

Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

9.6CVSS6.9AI score0.00467EPSS

CVE•added 2024/05/14 4:17 p.m.•343 views

CVE-2024-4761

Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

8.8CVSS5.8AI score0.0159EPSS

CVE•added 2024/05/22 4:15 p.m.•289 views

CVE-2024-5158

Type Confusion in V8 in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to potentially perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

8.8CVSS5.8AI score0.00113EPSS

CVE•added 2024/05/15 9:15 p.m.•280 views

CVE-2024-4950

Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

6.5CVSS5.5AI score0.00091EPSS

CVE•added 2024/05/15 9:15 p.m.•276 views

CVE-2024-4948

Use after free in Dawn in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.5AI score0.00188EPSS

CVE•added 2024/05/01 1:15 p.m.•272 views

CVE-2024-4331

Use after free in Picture In Picture in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.4AI score0.00751EPSS

CVE•added 2024/05/01 1:15 p.m.•268 views

CVE-2024-4060

Use after free in Dawn in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

7.5CVSS6.4AI score0.00124EPSS

CVE•added 2024/05/30 11:15 p.m.•264 views

CVE-2024-5498

Use after free in Presentation API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.5AI score0.00078EPSS

CVE•added 2024/05/22 4:15 p.m.•263 views

CVE-2024-5159

Heap buffer overflow in ANGLE in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.3AI score0.00255EPSS

CVE•added 2024/05/22 4:15 p.m.•260 views

CVE-2024-5160

Heap buffer overflow in Dawn in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.4AI score0.00223EPSS

CVE•added 2024/05/30 11:15 p.m.•258 views

CVE-2024-5499

Out of bounds write in Streams API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.1AI score0.01329EPSS

CVE•added 2024/05/30 11:15 p.m.•255 views

CVE-2024-5497

Out of bounds memory access in Browser UI in Google Chrome prior to 125.0.6422.141 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.1AI score0.00349EPSS

CVE•added 2024/05/30 11:15 p.m.•254 views

CVE-2024-5494

Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.5AI score0.00297EPSS

CVE•added 2024/05/30 11:15 p.m.•253 views

CVE-2024-5495

Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.5AI score0.00297EPSS

CVE•added 2024/05/30 11:15 p.m.•250 views

CVE-2024-5493

Heap buffer overflow in WebRTC in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.6AI score0.00481EPSS

CVE•added 2024/05/15 9:15 p.m.•249 views

CVE-2024-4949

Use after free in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

9.6CVSS6.5AI score0.00188EPSS

CVE•added 2024/05/30 11:15 p.m.•246 views

CVE-2024-5496

Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.4AI score0.00726EPSS

CVE•added 2024/05/07 7:15 p.m.•170 views

CVE-2024-4558

Use after free in ANGLE in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

9.6CVSS6.5AI score0.01413EPSS

CVE•added 2024/05/07 7:15 p.m.•95 views

CVE-2024-4559

Heap buffer overflow in WebAudio in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

7.5CVSS6.6AI score0.00327EPSS