ChromeOS
by Google
CVEs (72)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-5179 | Cri | 0.64 | 9.8 | 0.02 | Mar 7, 2018 | Chrome OS before 53.0.2785.144 allows remote attackers to execute arbitrary commands at boot. | ||
| CVE-2016-5169 | Hig | 0.57 | 8.8 | 0.01 | Sep 25, 2016 | Format string vulnerability in Google Chrome OS before 53.0.2785.103 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | ||
| CVE-2017-15400 | Hig | 0.51 | 7.8 | 0.01 | Feb 7, 2018 | Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue. | ||
| CVE-2010-4577 | Hig | 0.49 | 7.5 | 0.02 | Dec 22, 2010 | The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which… | ||
| CVE-2017-15397 | Hig | 0.48 | 7.4 | 0.00 | Feb 7, 2018 | Inappropriate implementation in ChromeVox in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker in a privileged network position to observe or tamper with certain cleartext HTTP requests by leveraging that position. | ||
| CVE-2017-5084 | Low | 0.21 | 3.3 | 0.00 | Oct 27, 2017 | Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint. | ||
| CVE-2023-3739 | 0.00 | — | 0.00 | Aug 1, 2023 | Insufficient validation of untrusted input in Chromad in Google Chrome on ChromeOS prior to 115.0.5790.131 allowed a remote attacker to execute arbitrary code via a crafted shell script. (Chromium security severity: Low) | |||
| CVE-2023-3497 | 0.00 | — | 0.00 | Jul 3, 2023 | Out of bounds read in Google Security Processor firmware in Google Chrome on Chrome OS prior to 114.0.5735.90 allowed a local attacker to perform denial of service via physical access to the device. (Chromium security severity: Medium) | |||
| CVE-2023-2458 | 0.00 | — | 0.01 | May 12, 2023 | Use after free in ChromeOS Camera in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via UI interaction. (Chromium security severity: High) | |||
| CVE-2022-3658 | 0.00 | — | 0.00 | Nov 1, 2022 | Use after free in Feedback service on Chrome OS in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium) | |||
| CVE-2022-3318 | 0.00 | — | 0.00 | Nov 1, 2022 | Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to reboot Chrome OS to potentially exploit heap corruption via UI interaction. (Chromium security severity: Low) | |||
| CVE-2022-3050 | 0.00 | — | 0.01 | Sep 26, 2022 | Heap buffer overflow in WebUI in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. | |||
| CVE-2022-3048 | 0.00 | — | 0.00 | Sep 26, 2022 | Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a local attacker to bypass lockscreen navigation restrictions via physical access to the device. | |||
| CVE-2022-2587 | 0.00 | — | 0.01 | Aug 12, 2022 | Out of bounds write in Chrome OS Audio Server in Google Chrome on Chrome OS prior to 102.0.5005.125 allowed a remote attacker to potentially exploit heap corruption via crafted audio metadata. | |||
| CVE-2022-0603 | 0.00 | — | 0.01 | Apr 4, 2022 | Use after free in File Manager in Google Chrome on Chrome OS prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2022-0308 | 0.00 | — | 0.01 | Feb 12, 2022 | Use after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2021-38013 | 0.00 | — | 0.01 | Dec 23, 2021 | Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||
| CVE-2021-37964 | 0.00 | — | 0.01 | Oct 8, 2021 | Inappropriate implementation in ChromeOS Networking in Google Chrome on ChromeOS prior to 94.0.4606.54 allowed an attacker with a rogue wireless access point to to potentially carryout a wifi impersonation attack via a crafted ONC file. | |||
| CVE-2014-3180 | 0.00 | — | 0.01 | Nov 6, 2019 | In kernel/compat.c in the Linux kernel before 3.17, as used in Google Chrome OS and other products, there is a possible out-of-bounds read. restart_syscall uses uninitialized data when restarting compat_sys_nanosleep. NOTE: this is disputed because the code path is unreachable | |||
| CVE-2017-15403 | 0.00 | — | 0.01 | Jan 9, 2019 | Insufficient data validation in crosh could lead to a command injection under chronos privileges in Networking in Google Chrome on Chrome OS prior to 61.0.3163.113 allowed a local attacker to execute arbitrary code via a crafted HTML page. |
- risk 0.64cvss 9.8epss 0.02
Chrome OS before 53.0.2785.144 allows remote attackers to execute arbitrary commands at boot.
- risk 0.57cvss 8.8epss 0.01
Format string vulnerability in Google Chrome OS before 53.0.2785.103 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
- risk 0.51cvss 7.8epss 0.01
Insufficient restriction of IPP filters in CUPS in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker to execute a command with the same privileges as the cups daemon via a crafted PPD file, aka a printer zeroconfig CRLF issue.
- risk 0.49cvss 7.5epss 0.02
The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets (CSS) token sequences, which…
- risk 0.48cvss 7.4epss 0.00
Inappropriate implementation in ChromeVox in Google Chrome OS prior to 62.0.3202.74 allowed a remote attacker in a privileged network position to observe or tamper with certain cleartext HTTP requests by leveraging that position.
- risk 0.21cvss 3.3epss 0.00
Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a local attacker to read local files via dbus-send commands to a BurnImage D-Bus endpoint.
- CVE-2023-3739Aug 1, 2023risk 0.00cvss —epss 0.00
Insufficient validation of untrusted input in Chromad in Google Chrome on ChromeOS prior to 115.0.5790.131 allowed a remote attacker to execute arbitrary code via a crafted shell script. (Chromium security severity: Low)
- CVE-2023-3497Jul 3, 2023risk 0.00cvss —epss 0.00
Out of bounds read in Google Security Processor firmware in Google Chrome on Chrome OS prior to 114.0.5735.90 allowed a local attacker to perform denial of service via physical access to the device. (Chromium security severity: Medium)
- CVE-2023-2458May 12, 2023risk 0.00cvss —epss 0.01
Use after free in ChromeOS Camera in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via UI interaction. (Chromium security severity: High)
- CVE-2022-3658Nov 1, 2022risk 0.00cvss —epss 0.00
Use after free in Feedback service on Chrome OS in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium)
- CVE-2022-3318Nov 1, 2022risk 0.00cvss —epss 0.00
Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to reboot Chrome OS to potentially exploit heap corruption via UI interaction. (Chromium security severity: Low)
- CVE-2022-3050Sep 26, 2022risk 0.00cvss —epss 0.01
Heap buffer overflow in WebUI in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions.
- CVE-2022-3048Sep 26, 2022risk 0.00cvss —epss 0.00
Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a local attacker to bypass lockscreen navigation restrictions via physical access to the device.
- CVE-2022-2587Aug 12, 2022risk 0.00cvss —epss 0.01
Out of bounds write in Chrome OS Audio Server in Google Chrome on Chrome OS prior to 102.0.5005.125 allowed a remote attacker to potentially exploit heap corruption via crafted audio metadata.
- CVE-2022-0603Apr 4, 2022risk 0.00cvss —epss 0.01
Use after free in File Manager in Google Chrome on Chrome OS prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- CVE-2022-0308Feb 12, 2022risk 0.00cvss —epss 0.01
Use after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
- CVE-2021-38013Dec 23, 2021risk 0.00cvss —epss 0.01
Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page.
- CVE-2021-37964Oct 8, 2021risk 0.00cvss —epss 0.01
Inappropriate implementation in ChromeOS Networking in Google Chrome on ChromeOS prior to 94.0.4606.54 allowed an attacker with a rogue wireless access point to to potentially carryout a wifi impersonation attack via a crafted ONC file.
- CVE-2014-3180Nov 6, 2019risk 0.00cvss —epss 0.01
In kernel/compat.c in the Linux kernel before 3.17, as used in Google Chrome OS and other products, there is a possible out-of-bounds read. restart_syscall uses uninitialized data when restarting compat_sys_nanosleep. NOTE: this is disputed because the code path is unreachable
- CVE-2017-15403Jan 9, 2019risk 0.00cvss —epss 0.01
Insufficient data validation in crosh could lead to a command injection under chronos privileges in Networking in Google Chrome on Chrome OS prior to 61.0.3163.113 allowed a local attacker to execute arbitrary code via a crafted HTML page.
Page 1 of 4