Lucene search
K
MicrosoftEdge Chromium

241 matches found

CVE
CVE
added 2023/06/29 12:48 a.m.1993 views

CVE-2022-29146

CVE-2022-29146 is a Microsoft Edge (Chromium-based) Elevation of Privilege vulnerability. CVSS v3.1 base score 8.3 (HIGH) with network attack vector, high attack complexity, no privileges required, user interaction required, scope changed; impacts include confidentiality, integrity and availabili...

8.3CVSS8.1AI score0.00997EPSS
CVE
CVE
added 2023/09/12 2:24 p.m.1565 views

CVE-2023-4863

CVE-2023-4863 describes a heap buffer overflow in libwebp used by Google Chrome prior to 116.0.5845.187 and in libwebp 1.3.2. A remote attacker can cause an out-of-bounds memory write by presenting a crafted HTML page. The vulnerability is exploitable over the network and requires user interactio...

8.8CVSS8.5AI score0.99694EPSS
In wild
CVE
CVE
added 2023/06/29 12:47 a.m.1540 views

CVE-2022-29144

CVE-2022-29144 : Microsoft Edge (Chromium-based) has an Elevation of Privilege vulnerability. The NVD entry rates it as CVSS v3.1 base score 7.5 (HIGH) with vectors AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H. Exploitation involves no user privilege but requires user interaction, and the impact covers co...

7.5CVSS7.5AI score0.00997EPSS
CVE
CVE
added 2020/11/03 2:21 a.m.1378 views

CVE-2020-16009

CVE-2020-16009 is a Google Chrome/Chromium V8 type-confusion vulnerability that could allow remote code execution via a crafted HTML page. Root cause: type confusion in V8 before 86.0.4240.183. Affected product family includes Google Chrome and other Chromium-based browsers; Debian security advis...

8.8CVSS8.6AI score0.48574EPSS
In wild
CVE
CVE
added 2022/11/25 12:0 a.m.1208 views

CVE-2022-4135

CVE-2022-4135 affects Google Chrome/Chromium GPU code. It is a heap buffer overflow in the GPU path prior to Chrome 107.0.5304.121 that could allow a remote attacker (with renderer access) to escape the sandbox via a crafted HTML page. Chrome confirms exploitation in the wild; a stable-channel pa...

9.6CVSS9.3AI score0.31864EPSS
In wild
CVE
CVE
added 2023/06/29 12:48 a.m.1169 views

CVE-2022-29147

CVE-2022-29147 is documented as a Spoofing Vulnerability in Microsoft Edge (Chromium-based) . The available sources identify the issue with Edge UI spoofing, but do not provide detailed technical roots beyond the vulnerability class. The CVSS data in the Initial Document shows a low base score (3...

3.1CVSS4AI score0.00609EPSS
CVE
CVE
added 2023/09/28 3:23 p.m.990 views

CVE-2023-5217

CVE-2023-5217 is a heap buffer overflow in VP8 encoding in libvpx (affecting Google Chrome before 117.0.5938.132 and libvpx 1.13.1). A crafted HTML page could remotely trigger heap corruption. Multiple connected sources confirm the vulnerability in libvpx/WebP contexts; Apple’s advisory notes CVE...

8.8CVSS9.2AI score0.49013EPSS
In wild
CVE
CVE
added 2023/06/29 4:25 a.m.947 views

CVE-2022-23264

Microsoft Edge (Chromium-based) is affected by CVE-2022-23264, a spoofing vulnerability impacting the browser’s user interface. The issue is described as a Spoofing Vulnerability in Edge (Chromium-based) with a CVSS v3.1 base score of 4.7 (MEDIUM) and a Network attack vector requiring user intera...

4.7CVSS4.5AI score0.00676EPSS
CVE
CVE
added 2021/02/22 9:20 p.m.840 views

CVE-2021-21157

CVE-2021-21157 : Use-after-free in the Web Sockets component of Chromium/ Google Chrome on Linux prior to 88.0.4324.182. The underlying issue is a use-after-free that could allow a remote attacker to potentially execute arbitrary code via a crafted HTML page, with impact described as heap corrupt...

8.8CVSS9AI score0.09458EPSS
CVE
CVE
added 2025/12/18 10:1 p.m.746 views

CVE-2025-65046

CVE-2025-65046 is a Microsoft Edge (Chromium-based) spoofing vulnerability. The connected sources corroborate a spoofing flaw in Edge with low overall base score (CVSS v3.1: 3.1, low impact on confidentiality/integrity/availability; user interaction required; network attack vector; high attack co...

3.1CVSS6.2AI score0.00227EPSS
CVE
CVE
added 2022/12/13 12:0 a.m.736 views

CVE-2022-44708

CVE-2022-44708 is a Microsoft Edge (Chromium-based) Elevation of Privilege vulnerability. The initial document lists Edge Chromium-based Elevation of Privilege (CVE-2022-44708) with a CVSS v3.1 base score of 8.3 (High), attack vector Network, attack complexity High, privileges required None, user...

8.3CVSS8.2AI score0.01887EPSS
CVE
CVE
added 2025/12/12 7:20 p.m.637 views

CVE-2025-14174

CVE-2025-14174 = Out-of-bounds memory access in ANGLE within Google Chrome on macOS prior to 143.0.7499.110. A remote attacker could trigger memory access errors via a crafted HTML page. Affected software: Google Chrome on macOS; vulnerable component: ANGLE. Impact: high enough to potentially ena...

8.8CVSS6.2AI score0.22359EPSS
In wild
CVE
CVE
added 2025/09/05 8:28 p.m.528 views

CVE-2025-53791

CVE-2025-53791 affects Microsoft Edge (Chromium-based). The provided data indicate an improper access control vulnerability that allows an unauthorized network attacker to bypass a security feature. The description and connected sources confirm the affected product family but do not specify affec...

4.7CVSS6AI score0.00364EPSS
CVE
CVE
added 2023/06/29 1:22 a.m.494 views

CVE-2022-26899

CVE-2022-26899 is a Microsoft Edge (Chromium-based) Elevation of Privilege vulnerability. The connected sources confirm an Edge EoP issue with the NVD listing a base CVSS v3.1 score of 8.8 (HIGH) and an MSRC entry; exploitation status is not detailed in the provided documents. Affected product: M...

8.8CVSS7.2AI score0.00716EPSS
CVE
CVE
added 2023/11/29 12:2 p.m.488 views

CVE-2023-6345

CVE-2023-6345 is an integer overflow in the Skia graphics library used by Google Chrome prior to 119.0.6045.199. The vulnerability allows a renderer-compromised attacker to potentially escape the sandbox via a malicious file. Affected product: Google Chrome (Skia component). Root cause: integer o...

9.6CVSS9.2AI score0.1963EPSS
In wild
CVE
CVE
added 2025/06/02 11:36 p.m.431 views

CVE-2025-5419

CVE-2025-5419: Out-of-bounds read/write in V8 (Chromium) used by Google Chrome/Chromium-based browsers. A remote attacker could potentially exploit heap corruption via a crafted HTML page. Affected: Google Chrome/Chromium’s V8 until version 137.0.7151.68. Impact described as High (C:E/I/H/A: High...

8.8CVSS6.7AI score0.06463EPSS
In wild
CVE
CVE
added 2023/09/05 9:57 p.m.422 views

CVE-2023-4762

CVE-2023-4762 is a Type Confusion in V8 affecting Google Chrome/Chromium prior to 116.0.5845.179 that allows remote code execution via a crafted HTML page. The vulnerability is documented in multiple sources (Chrome/Chromium release notes; Debian security advisory stating fixes in 116.0.5845.180 ...

8.8CVSS8.7AI score0.37987EPSS
In wild
CVE
CVE
added 2021/06/08 10:46 p.m.417 views

CVE-2021-33741

Microsoft Edge (Chromium-based) Elevation of Privilege vulnerability (CVE-2021-33741) affects the Edge Chromium browser. The connected sources confirm an Elevation of Privilege issue with Edge, but do not provide concrete exploit details, root cause specifics, or affected versions beyond the gene...

8.2CVSS7.7AI score0.02747EPSS
CVE
CVE
added 2023/04/28 5:38 p.m.411 views

CVE-2023-29334

Technical details for CVE-2023-29334 (affected products, root cause, impact, and fixes) are not provided in the supplied documents. Monitor vendor advisories and security feeds for an official update.

4.3CVSS4.7AI score0.0109EPSS
CVE
CVE
added 2024/08/21 8:20 p.m.399 views

CVE-2024-7965

CVE-2024-7965 affects Google Chrome’s V8 engine (Chromium) with an inappropriate implementation vulnerability that allows remote heap corruption via a crafted HTML page. Impact is High (CVE entry notes potential exploitation, with network attack vector and user interaction required). Affected sof...

8.8CVSS6.6AI score0.17227EPSS
In wild
CVE
CVE
added 2021/09/03 7:25 p.m.341 views

CVE-2021-30617

CVE-2021-30617 affects Chromium’s Blink engine with a policy bypass vulnerability. Connected sources label the issue as a Blink policy bypass in Chromium and reference Chromium 93.x updates as mitigations (e.g., Fedora advisories: chromium-93.0.4577.63-1.fc34/.fc35). The core detail consistently ...

6.5CVSS7.2AI score0.03741EPSS
In wild
CVE
CVE
added 2023/08/21 7:4 p.m.323 views

CVE-2023-38158

CVE-2023-38158 is an Information Disclosure vulnerability affecting Microsoft Edge (Chromium-based). The initial description notes a low-severity information disclosure issue. Connected sources corroborate that Edge versions prior to 116.0.1938.54 are affected, with remediation involving an updat...

3.1CVSS3.9AI score0.01204EPSS
CVE
CVE
added 2023/07/14 5:54 p.m.284 views

CVE-2023-36887

CVE-2023-36887 affects Microsoft Edge (Chromium-based). Talos details a memory corruption/type confusion vulnerability in the MSDCPDF Javascript implementation used to process Acrobat-based PDFs, exploitable via specially crafted PDF documents. Affected Edge versions include 112.0.1722.58 and 114...

7.8CVSS7.7AI score0.01283EPSS
CVE
CVE
added 2023/08/26 12:14 a.m.280 views

CVE-2023-36741

CVE-2023-36741 refers to a Microsoft Edge (Chromium-based) elevation of privilege vulnerability. The initial document identifies the vulnerability as Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability with a high-severity CVSS score (base 7.5/8.3 in the NVD/Microsoft CVSS vector...

8.3CVSS7.5AI score0.01841EPSS
CVE
CVE
added 2021/09/03 7:26 p.m.264 views

CVE-2021-30624

CVE-2021-30624 is reported as a Use after free in Autofill in Chromium. The connected documents consistently refer to Chromium Autofill as the vulnerable component and identify the root cause as a use-after-free condition in Autofill code paths. The published CVSS metrics in the initial descripti...

8.8CVSS8.2AI score0.04125EPSS
CVE
CVE
added 2023/11/06 11:12 p.m.256 views

CVE-2023-36409

CVE-2023-36409 affects Microsoft Edge (Chromium-based). It is an information disclosure vulnerability. CNNVD reports affected versions prior to 118.0.2088.46. Other sources reference this CVE in GLSA-202402-05 with Edge multi-vulnerability context. Remediation: update to the latest Microsoft Edge...

6.5CVSS6AI score0.00906EPSS
CVE
CVE
added 2023/08/07 5:15 p.m.248 views

CVE-2023-38157

CVE-2023-38157 — Microsoft Edge (Chromium-based) Security Feature Bypass is documented as affecting the Edge browser. The provided sources identify the affected product as Microsoft Edge (Chromium-based) and describe the vulnerability as a security feature bypass. The CVSS vector in the Initial d...

6.5CVSS6.5AI score0.02279EPSS
CVE
CVE
added 2023/08/21 7:4 p.m.247 views

CVE-2023-36787

Microsoft Edge (Chromium-based) Elevation of Privilege vulnerability (CVE-2023-36787) affects Edge; root cause details are per CVE entry and linked advisories. Connected sources confirm the issue is a privilege-escalation in Edge (Chromium) and note that public exploits exist. Deployment impact i...

8.8CVSS8.5AI score0.01767EPSS
CVE
CVE
added 2025/01/24 9:32 p.m.247 views

CVE-2025-21262

Microsoft Edge (Chromium-based) is affected by CVE-2025-21262 (UI spoofing). The vulnerability concerns misrepresentation of UI information in the browser, enabling a network-based attacker to perform spoofing. Affected product: Microsoft Edge (Chromium-based); vulnerable component/function: User...

5.4CVSS5.2AI score0.00377EPSS
CVE
CVE
added 2022/04/05 8:5 p.m.243 views

CVE-2022-24523

Technical details about CVE-2022-24523 are not publicly provided in the connected documents; the available sources only reference the vulnerability as a Chrome-based Edge spoofing issue with general context. Monitor for updates.

4.3CVSS4.7AI score0.01285EPSS
CVE
CVE
added 2024/08/08 8:45 p.m.240 views

CVE-2024-38218

CVE-2024-38218 affects Microsoft Edge (HTML-based). The issue is a memory corruption vulnerability in the HTML-based engine, with high impact to confidentiality, integrity, and availability (CVSS metrics show LOCAL attacker, low complexity, no user interaction). Connected sources confirm the Edge...

8.4CVSS8.3AI score0.00607EPSS
CVE
CVE
added 2021/02/09 1:56 p.m.236 views

CVE-2021-21132

CVE-2021-21132 stems from an inappropriate implementation in the DevTools component of Google Chrome (Chromium) prior to 88.0.4324.96, which could allow a remote attacker to escape the sandbox via a crafted Chrome Extension. Affected product/area: Chrome/Chromium DevTools. Root cause: implementat...

9.6CVSS8.7AI score0.23406EPSS
CVE
CVE
added 2022/04/05 8:5 p.m.233 views

CVE-2022-26891

Technical details for CVE-2022-26891 are not publicly available in the provided documents. Monitor for updates from official advisories; sources list Edge Chromium as affected but do not disclose root cause, affected versions, or remediation specifics.

8.3CVSS8.1AI score0.01742EPSS
CVE
CVE
added 2021/02/09 1:55 p.m.227 views

CVE-2021-21118

CVE-2021-21118 is a data validation issue in the V8 JavaScript engine of Chromium-based browsers. The connected advisories and Debian/Arch Fedora entries confirm the vulnerability stems from insufficient data validation in V8 prior to version 88.0.4324.96, potentially enabling out-of-bounds memor...

8.8CVSS8.3AI score0.1677EPSS
CVE
CVE
added 2021/02/09 1:55 p.m.227 views

CVE-2021-21123

CVE-2021-21123 is a data validation vulnerability in Google Chrome’s File System API (Chromium) prior to 88.0.4324.96. The issue allows a remote attacker to bypass filesystem restrictions via a crafted HTML page due to insufficient data validation in the File System API/File System component. The...

6.5CVSS6.5AI score0.09966EPSS
CVE
CVE
added 2022/04/05 8:5 p.m.223 views

CVE-2022-26900

Technical details about CVE-2022-26900 (affected component, root cause, impact and fixes) are not provided in the supplied documents. Monitor for official advisories and vendor updates for specifics.

8.3CVSS8.1AI score0.01742EPSS
CVE
CVE
added 2022/06/29 5:10 p.m.223 views

CVE-2022-33638

Technical details for CVE-2022-33638 are not publicly provided in the supplied documents. Please monitor official advisories (MSRC, NVD) and vendor communications for affected components, impact, and remediation.

8.3CVSS7.7AI score0.02318EPSS
CVE
CVE
added 2023/11/09 11:28 p.m.222 views

CVE-2023-36014

CVE-2023-36014 affects Microsoft Edge (Chromium-based). The connected sources identify a remote code execution vulnerability in Edge Chromium components prior to versions 118.0.2088.102 and 119.0.2151.58 (Nessus plugin reference). The NVD entry lists a Exploitability: Local access with Low comple...

7.3CVSS7.4AI score0.0135EPSS
CVE
CVE
added 2024/12/06 1:9 a.m.222 views

CVE-2024-49041

Microsoft Edge (Chromium-based) spoofing vulnerability CVE-2024-49041 affects Edge versions up to 131.0.2903.63 per PT-2024-9305; remediation is to upgrade to a fixed version per advisories. Exploitation status is not detailed in the provided documents.

4.3CVSS4.5AI score0.0107EPSS
CVE
CVE
added 2021/02/09 1:55 p.m.220 views

CVE-2021-21120

CVE-2021-21120 is a use-after-free in Chromium’s WebSQL implementation reported as affecting Chromium before version 88.0.4324.96 . The connected sources confirm a remote attacker could potentially exploit this to cause heap corruption via a crafted HTML page. The details consistently reference t...

8.8CVSS9AI score0.06879EPSS
CVE
CVE
added 2021/02/09 1:55 p.m.220 views

CVE-2021-21122

CVE-2021-21122 is a use-after-free in the Blink/WebKit component of the Chromium/Chrome stack, reported to affect Chromium builds before version 88.0.4324.96. The vulnerability resides in Blink and, per security advisories, could result in arbitrary code execution or heap corruption when a crafte...

8.8CVSS9AI score0.0701EPSS
CVE
CVE
added 2024/02/02 12:8 a.m.220 views

CVE-2024-21399

CVE-2024-21399 affects Microsoft Edge (Chromium-based). It is described as a Remote Code Execution vulnerability with CVSS v3.1 base score 8.3 (HIGH): network attack vector, high impact on confidentiality, integrity, and availability, and requires user interaction with no privileges. The provided...

8.3CVSS8.2AI score0.01231EPSS
CVE
CVE
added 2021/02/09 1:56 p.m.219 views

CVE-2021-21135

CVE-2021-21135 corresponds to an incorrect implementation in the Performance API of Chromium/Chrome prior to 88.0.4324.96. The flaw allows a remote attacker to leak cross-origin data via a crafted HTML page. The issue is tied to the Chromium browser, with advisories and package updates in distrib...

6.5CVSS6.4AI score0.19228EPSS
CVE
CVE
added 2023/02/14 7:32 p.m.219 views

CVE-2023-23374

CVE-2023-23374 affects Microsoft Edge (Chromium-based) and is a Remote Code Execution vulnerability with a CVSS v3.1 base score of 8.3 (HIGH). It is network-exploitable with high attack complexity and requires user interaction. The connected GLSA/Gentoo-NASL entries indicate this CVE is part of a...

8.3CVSS8.3AI score0.01067EPSS
CVE
CVE
added 2025/02/06 10:41 p.m.219 views

CVE-2025-21267

CVE-2025-21267 is a Microsoft Edge (Chromium-based) Spoofing Vulnerability. Public references in connected docs confirm the affected product and that it enables spoofing of the user interface. The CVSS metrics in the Initial document indicate a Local attack vector, Low confidentiality/ integrity ...

4.4CVSS4.7AI score0.00557EPSS
CVE
CVE
added 2021/02/09 1:55 p.m.218 views

CVE-2021-21121

CVE-2021-21121 is a concrete use-after-free vulnerability in Chromium’s Omnibox on Linux, described as a use-after-free in the Omnibox component of the Chromium browser before version 88.0.4324.96. The advisory states a remote attacker could potentially perform a sandbox escape via a crafted HTML...

9.6CVSS9.2AI score0.0619EPSS
CVE
CVE
added 2024/04/04 9:47 p.m.217 views

CVE-2024-29981

CVE-2024-29981 affects Microsoft Edge (Chromium-based). The vulnerability is a spoofing flaw in the browser’s UI surface that could enable spoofed user interfaces. CVSS 3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N, base score 4.3 (Medium); exploitation requires user interaction and the attack vector i...

4.3CVSS4.8AI score0.00697EPSS
CVE
CVE
added 2021/02/09 1:55 p.m.216 views

CVE-2021-21119

CVE-2021-21119 : A use-after-free in the Media component of Google Chrome/Chromium prior to 88.0.4324.96 could allow a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. The issue affects Chromium-based browsers and was noted a...

8.8CVSS9AI score0.06825EPSS
CVE
CVE
added 2024/03/14 10:13 p.m.215 views

CVE-2024-26163

CVE-2024-26163 affects Microsoft Edge (Chromium-based). A security feature bypass vulnerability with CVSSv3.1 base metrics: AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N (base score 4.7, MEDIUM). The issue is network-exploitable with user interaction required; impact is limited to bypassing security featur...

4.7CVSS4.9AI score0.02093EPSS
CVE
CVE
added 2021/02/09 1:56 p.m.213 views

CVE-2021-21128

CVE-2021-21128 is a heap buffer overflow in Blink/WebKit of the Chromium browser prior to 88.0.4324.96. Per the Arch/DEBIAN security entries, this is a Chromium/browser component issue that could enable arbitrary code execution and is fixed in newer Chromium builds (upstream or downstream) after ...

8.8CVSS8.9AI score0.06506EPSS
Total number of security vulnerabilities241