Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
GoogleChrome

259 matches found

CVE
CVEadded 2024/02/21 4:15 a.m.7000 views

CVE-2024-1671

Inappropriate implementation in Site Isolation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)

6.5CVSS4.8AI score0.00038EPSS
CVE
CVEadded 2024/02/21 4:15 a.m.6874 views

CVE-2024-1674

Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS4.8AI score0.00012EPSS
CVE
CVEadded 2024/02/21 4:15 a.m.6870 views

CVE-2024-1675

Insufficient policy enforcement in Download in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS4.8AI score0.00065EPSS
CVE
CVEadded 2024/02/21 4:15 a.m.6227 views

CVE-2024-1676

Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)

9.8CVSS4.7AI score0.00186EPSS
CVE
CVEadded 2024/02/21 4:15 a.m.6142 views

CVE-2024-1669

Out of bounds memory access in Blink in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

8.8CVSS5.1AI score0.00164EPSS
CVE
CVEadded 2024/02/21 4:15 a.m.4586 views

CVE-2024-1670

Use after free in Mojo in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS5.8AI score0.00309EPSS
CVE
CVEadded 2024/02/21 4:15 a.m.3930 views

CVE-2024-1673

Use after free in Accessibility in Google Chrome prior to 122.0.6261.57 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

8.8CVSS5.9AI score0.0036EPSS
CVE
CVEadded 2024/02/21 4:15 a.m.3924 views

CVE-2024-1672

Inappropriate implementation in Content Security Policy in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS4.8AI score0.00042EPSS
CVE
CVEadded 2024/05/22 4:15 p.m.3732 views

CVE-2024-5157

Use after free in Scheduling in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.4AI score0.00724EPSS
CVE
CVEadded 2024/05/01 1:15 p.m.3602 views

CVE-2024-4059

Out of bounds read in V8 API in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to leak cross-site data via a crafted HTML page. (Chromium security severity: High)

6.5CVSS5.3AI score0.00104EPSS
CVE
CVEadded 2024/04/17 8:15 a.m.2176 views

CVE-2024-3832

Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.2AI score0.03717EPSS
CVE
CVEadded 2024/03/06 7:15 p.m.1934 views

CVE-2024-2176

Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.2AI score0.00562EPSS
CVE
CVEadded 2024/04/17 6:15 p.m.1631 views

CVE-2024-3914

Use after free in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.4AI score0.00208EPSS
CVE
CVEadded 2024/05/01 1:15 p.m.974 views

CVE-2024-4368

Use after free in Dawn in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.5AI score0.00332EPSS
CVE
CVEadded 2024/05/14 3:44 p.m.667 views

CVE-2024-4671

Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

9.6CVSS6.3AI score0.00359EPSS
CVE
CVEadded 2024/12/18 10:15 p.m.606 views

CVE-2024-12692

Type Confusion in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.3AI score0.00433EPSS
CVE
CVEadded 2024/05/01 1:15 p.m.596 views

CVE-2024-4058

Type confusion in ANGLE in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

9CVSS8.4AI score0.0582EPSS
CVE
CVEadded 2024/04/17 8:15 a.m.542 views

CVE-2024-3833

Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.2AI score0.02577EPSS
CVE
CVEadded 2024/12/03 7:15 p.m.484 views

CVE-2024-12053

Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.2AI score0.00218EPSS
CVE
CVEadded 2024/05/28 3:15 p.m.482 views

CVE-2024-5274

Type Confusion in V8 in Google Chrome prior to 125.0.6422.112 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

9.6CVSS6.9AI score0.03671EPSS
CVE
CVEadded 2024/05/15 9:15 p.m.419 views

CVE-2024-4947

Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

9.6CVSS6.9AI score0.00467EPSS
CVE
CVEadded 2024/09/17 9:15 p.m.378 views

CVE-2024-8907

Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (XSS) via a crafted set of UI gestures. (Chromium security severity: Medium)

6.1CVSS6AI score0.00166EPSS
CVE
CVEadded 2024/05/14 4:17 p.m.334 views

CVE-2024-4761

Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

8.8CVSS5.8AI score0.0159EPSS
CVE
CVEadded 2024/08/21 9:15 p.m.333 views

CVE-2024-7971

Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

9.6CVSS6.8AI score0.00339EPSS
CVE
CVEadded 2024/10/29 10:15 p.m.331 views

CVE-2024-10487

Out of bounds write in Dawn in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)

8.8CVSS6.7AI score0.00246EPSS
CVE
CVEadded 2024/08/21 9:15 p.m.327 views

CVE-2024-7976

Inappropriate implementation in FedCM in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

4.3CVSS6.4AI score0.00116EPSS
CVE
CVEadded 2024/08/21 9:15 p.m.324 views

CVE-2024-8035

Inappropriate implementation in Extensions in Google Chrome on Windows prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

4.3CVSS6.4AI score0.00082EPSS
CVE
CVEadded 2024/04/17 8:15 a.m.323 views

CVE-2024-3834

Use after free in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.0059EPSS
CVE
CVEadded 2024/08/21 9:15 p.m.321 views

CVE-2024-7978

Insufficient policy enforcement in Data Transfer in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

4.3CVSS6AI score0.00083EPSS
CVE
CVEadded 2024/08/21 9:15 p.m.321 views

CVE-2024-8033

Inappropriate implementation in WebApp Installs in Google Chrome on Windows prior to 128.0.6613.84 allowed an attacker who convinced a user to install a malicious application to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

4.3CVSS6.4AI score0.00098EPSS
CVE
CVEadded 2024/01/16 10:15 p.m.320 views

CVE-2024-0519

Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.5AI score0.00226EPSS
CVE
CVEadded 2024/08/21 9:15 p.m.319 views

CVE-2024-7975

Inappropriate implementation in Permissions in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

4.3CVSS6.4AI score0.00117EPSS
CVE
CVEadded 2024/04/17 8:15 a.m.312 views

CVE-2024-3838

Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an attacker who convinced a user to install a malicious app to perform UI spoofing via a crafted app. (Chromium security severity: Medium)

5.5CVSS5.7AI score0.00114EPSS
CVE
CVEadded 2024/04/06 3:15 p.m.311 views

CVE-2024-3159

Out of bounds memory access in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8AI score0.04741EPSS
CVE
CVEadded 2024/08/21 9:15 p.m.306 views

CVE-2024-7965

Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.6AI score0.10893EPSS
CVE
CVEadded 2024/04/06 3:15 p.m.295 views

CVE-2024-3158

Use after free in Bookmarks in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.8AI score0.01012EPSS
CVE
CVEadded 2024/09/03 11:15 p.m.294 views

CVE-2024-8362

Use after free in WebAudio in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.1AI score0.00142EPSS
CVE
CVEadded 2024/11/19 8:15 p.m.293 views

CVE-2024-11395

Type Confusion in V8 in Google Chrome prior to 131.0.6778.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.6AI score0.00217EPSS
CVE
CVEadded 2024/06/20 12:15 a.m.291 views

CVE-2024-6100

Type Confusion in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

8.8CVSS7.2AI score0.0122EPSS
CVE
CVEadded 2024/03/06 7:15 p.m.290 views

CVE-2024-2173

Out of bounds memory access in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8.6AI score0.00097EPSS
CVE
CVEadded 2024/09/17 9:15 p.m.287 views

CVE-2024-8904

Type Confusion in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.6AI score0.00182EPSS
CVE
CVEadded 2024/03/06 7:15 p.m.286 views

CVE-2024-2174

Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS5.7AI score0.00121EPSS
CVE
CVEadded 2024/04/06 3:15 p.m.286 views

CVE-2024-3156

Inappropriate implementation in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

8.8CVSS8AI score0.01487EPSS
CVE
CVEadded 2024/05/22 4:15 p.m.281 views

CVE-2024-5158

Type Confusion in V8 in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to potentially perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

8.8CVSS5.8AI score0.00113EPSS
CVE
CVEadded 2024/04/17 8:15 a.m.280 views

CVE-2024-3837

Use after free in QUIC in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8CVSS6.4AI score0.00311EPSS
CVE
CVEadded 2024/12/12 1:40 a.m.279 views

CVE-2024-12381

Type Confusion in V8 in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.2AI score0.00374EPSS
CVE
CVEadded 2024/04/17 8:15 a.m.275 views

CVE-2024-3847

Insufficient policy enforcement in WebUI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)

9.8CVSS5.4AI score0.00049EPSS
CVE
CVEadded 2024/05/15 9:15 p.m.272 views

CVE-2024-4950

Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

6.5CVSS5.5AI score0.00091EPSS
CVE
CVEadded 2024/08/01 6:15 p.m.271 views

CVE-2024-6990

Uninitialized Use in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)

8.8CVSS6.3AI score0.00179EPSS
CVE
CVEadded 2024/09/03 11:15 p.m.271 views

CVE-2024-7970

Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8CVSS6.7AI score0.00154EPSS
Total number of security vulnerabilities259