VYPR

Chrome

by Google

Source repositories

CVEs (5,374)

  • CVE-2023-3742MedDec 20, 2023
    risk 0.44cvss 6.8epss 0.00

    Insufficient policy enforcement in ADB in Google Chrome on ChromeOS prior to 114.0.5735.90 allowed a local attacker to bypass device policy restrictions via physical access to the device. (Chromium security severity: High)

  • CVE-2022-3048MedSep 26, 2022
    risk 0.44cvss 6.8epss 0.00

    Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a local attacker to bypass lockscreen navigation restrictions via physical access to the device.

  • CVE-2021-30597MedAug 26, 2021
    risk 0.44cvss 6.8epss 0.01

    Use after free in Browser UI in Google Chrome on Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device.

  • CVE-2021-30594MedAug 26, 2021
    risk 0.44cvss 6.8epss 0.01

    Use after free in Page Info UI in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device.

  • CVE-2021-21216MedApr 26, 2021
    risk 0.44cvss 6.5epss 0.22

    Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote attacker to spoof security UI via a crafted HTML page.

  • CVE-2021-21177MedMar 9, 2021
    risk 0.44cvss 6.5epss 0.17

    Insufficient policy enforcement in Autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

  • CVE-2021-21140MedFeb 9, 2021
    risk 0.44cvss 6.8epss 0.01

    Uninitialized use in USB in Google Chrome prior to 88.0.4324.96 allowed a local attacker to potentially perform out of bounds memory access via via a USB device.

  • CVE-2021-21135MedFeb 9, 2021
    risk 0.44cvss 6.5epss 0.19

    Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2026-5892MedApr 8, 2026
    risk 0.43cvss 6.6epss 0.00

    Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2021-30582MedAug 3, 2021
    risk 0.43cvss 6.5epss 0.05

    Inappropriate implementation in Animation in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2021-21141MedFeb 9, 2021
    risk 0.43cvss 6.5epss 0.05

    Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass file extension policy via a crafted HTML page.

  • CVE-2021-21139MedFeb 9, 2021
    risk 0.43cvss 6.5epss 0.05

    Inappropriate implementation in iframe sandbox in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

  • CVE-2021-21137MedFeb 9, 2021
    risk 0.43cvss 6.5epss 0.06

    Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.

  • CVE-2021-21136MedFeb 9, 2021
    risk 0.43cvss 6.5epss 0.04

    Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

  • CVE-2021-21134MedFeb 9, 2021
    risk 0.43cvss 6.5epss 0.05

    Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote attacker to spoof security UI via a crafted HTML page.

  • CVE-2021-21131MedFeb 9, 2021
    risk 0.43cvss 6.5epss 0.08

    Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.

  • CVE-2021-21130MedFeb 9, 2021
    risk 0.43cvss 6.5epss 0.05

    Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.

  • CVE-2021-21129MedFeb 9, 2021
    risk 0.43cvss 6.5epss 0.05

    Insufficient policy enforcement in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.

  • CVE-2021-21126MedFeb 9, 2021
    risk 0.43cvss 6.5epss 0.09

    Insufficient policy enforcement in extensions in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension.

  • CVE-2021-21123MedFeb 9, 2021
    risk 0.43cvss 6.5epss 0.10

    Insufficient data validation in File System API in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page.

Page 113 of 269