VYPR

Chrome

by Google

Source repositories

CVEs (5,401)

  • CVE-2026-5284HigApr 1, 2026
    risk 0.49cvss 7.5epss 0.00

    Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-5277HigApr 1, 2026
    risk 0.49cvss 7.5epss 0.00

    Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-13721HigDec 2, 2025
    risk 0.49cvss 7.5epss 0.00

    Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2024-9126HigNov 14, 2025
    risk 0.49cvss 7.5epss 0.00

    Use after free in Internals in Google Chrome on iOS prior to 127.0.6533.88 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a series of curated UI gestures. (Chromium security severity: Medium)

  • CVE-2024-7017HigNov 14, 2025
    risk 0.49cvss 7.5epss 0.00

    Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-12726HigNov 10, 2025
    risk 0.49cvss 7.5epss 0.00

    Inappropriate implementation in Views in Google Chrome on Windows prior to 142.0.7444.137 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-12437HigNov 10, 2025
    risk 0.49cvss 7.5epss 0.00

    Use after free in PageInfo in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-12430HigNov 10, 2025
    risk 0.49cvss 7.5epss 0.00

    Object lifecycle issue in Media in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-11211HigNov 6, 2025
    risk 0.49cvss 7.5epss 0.00

    Out of bounds read in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-1566HigApr 16, 2025
    risk 0.49cvss 7.5epss 0.00

    DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 16002.23.0 allows network observers to expose plaintext DNS queries via failure to properly tunnel DNS traffic during VPN state transitions.

  • CVE-2025-0612HigJan 22, 2025
    risk 0.49cvss 7.5epss 0.00

    Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-9960HigOct 15, 2024
    risk 0.49cvss 7.5epss 0.00

    Use after free in Dawn in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2024-6778HigJul 16, 2024
    risk 0.49cvss 7.5epss 0.01

    Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)

  • CVE-2024-3840HigApr 17, 2024
    risk 0.49cvss 7.5epss 0.01

    Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2024-2886HigMar 26, 2024
    risk 0.49cvss 7.5epss 0.02

    Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-0804HigJan 24, 2024
    risk 0.49cvss 7.5epss 0.00

    Insufficient policy enforcement in iOS Security UI in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-2135HigApr 19, 2023
    risk 0.49cvss 7.5epss 0.01

    Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-0705HigFeb 7, 2023
    risk 0.49cvss 7.5epss 0.01

    Integer overflow in Core in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who had one a race condition to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2022-1487HigJul 26, 2022
    risk 0.49cvss 7.5epss 0.01

    Use after free in Ozone in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via running a Wayland test.

  • CVE-2022-1485HigJul 26, 2022
    risk 0.49cvss 7.5epss 0.01

    Use after free in File System API in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Page 109 of 271