Chrome
by Google
Source repositories
CVEs (5,320)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-6469 | Cri | 0.62 | 9.6 | 0.01 | May 21, 2020 | Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | ||
| CVE-2020-6461 | Cri | 0.62 | 9.6 | 0.01 | May 21, 2020 | Use after free in storage in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2020-6457 | Cri | 0.62 | 9.6 | 0.01 | May 21, 2020 | Use after free in speech recognizer in Google Chrome prior to 81.0.4044.113 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2019-5825 | Med | 0.62 | 6.5 | 0.56 | KEV | Nov 25, 2019 | Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2019-5850 | Cri | 0.62 | 9.6 | 0.01 | Nov 25, 2019 | Use after free in offline mode in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2019-5786 | Med | 0.62 | 6.5 | 0.62 | KEV | Jun 27, 2019 | Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | |
| CVE-2017-15402 | Cri | 0.62 | 9.6 | 0.01 | Jan 9, 2019 | Using an ID that can be controlled by a compromised renderer which allows any frame to overwrite the page_state of any other frame in the same process in Navigation in Google Chrome on Chrome OS prior to 62.0.3202.74 allowed a remote attacker who had compromised the renderer… | ||
| CVE-2023-6702 | Hig | 0.61 | 8.8 | 0.43 | Dec 14, 2023 | Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-4357 | Hig | 0.61 | 8.8 | 0.46 | Aug 15, 2023 | Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium) | ||
| CVE-2022-2010 | Cri | 0.61 | 9.3 | 0.01 | Jul 28, 2022 | Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2019-5789 | Hig | 0.61 | 8.8 | 0.07 | May 23, 2019 | An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. | ||
| CVE-2019-5788 | Hig | 0.61 | 8.8 | 0.07 | May 23, 2019 | An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. | ||
| CVE-2018-6126 | Hig | 0.61 | 8.8 | 0.08 | Jan 9, 2019 | A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. | ||
| CVE-2018-16083 | Hig | 0.61 | 8.8 | 0.05 | Jan 9, 2019 | An out of bounds read in forward error correction code in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | ||
| CVE-2018-16071 | Hig | 0.61 | 8.8 | 0.05 | Jan 9, 2019 | A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. | ||
| CVE-2016-9651 | Hig | 0.61 | 8.8 | 0.11 | Jan 9, 2019 | A missing check for whether a property of a JS object is private in V8 in Google Chrome prior to 55.0.2883.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | ||
| CVE-2018-6092 | Hig | 0.61 | 8.8 | 0.09 | Dec 4, 2018 | An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | ||
| CVE-2018-6064 | Hig | 0.61 | 8.8 | 0.07 | Nov 14, 2018 | Type Confusion in the implementation of __defineGetter__ in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||
| CVE-2015-8664 | Hig | 0.61 | 8.8 | 0.06 | Dec 24, 2015 | Integer overflow in the WebCursor::Deserialize function in content/common/cursors/webcursor.cc in Google Chrome before 47.0.2526.106 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an RGBA pixel array with crafted dimensions, a… | ||
| CVE-2023-6112 | Hig | 0.60 | 8.8 | 0.30 | Nov 15, 2023 | Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
- risk 0.62cvss 9.6epss 0.01
Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
- risk 0.62cvss 9.6epss 0.01
Use after free in storage in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- risk 0.62cvss 9.6epss 0.01
Use after free in speech recognizer in Google Chrome prior to 81.0.4044.113 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
- risk 0.62cvss 6.5epss 0.56
Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.62cvss 9.6epss 0.01
Use after free in offline mode in Google Chrome prior to 76.0.3809.87 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- risk 0.62cvss 6.5epss 0.62
Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
- risk 0.62cvss 9.6epss 0.01
Using an ID that can be controlled by a compromised renderer which allows any frame to overwrite the page_state of any other frame in the same process in Navigation in Google Chrome on Chrome OS prior to 62.0.3202.74 allowed a remote attacker who had compromised the renderer…
- risk 0.61cvss 8.8epss 0.43
Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- risk 0.61cvss 8.8epss 0.46
Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)
- risk 0.61cvss 9.3epss 0.01
Out of bounds read in compositing in Google Chrome prior to 102.0.5005.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- risk 0.61cvss 8.8epss 0.07
An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
- risk 0.61cvss 8.8epss 0.07
An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
- risk 0.61cvss 8.8epss 0.08
A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
- risk 0.61cvss 8.8epss 0.05
An out of bounds read in forward error correction code in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
- risk 0.61cvss 8.8epss 0.05
A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
- risk 0.61cvss 8.8epss 0.11
A missing check for whether a property of a JS object is private in V8 in Google Chrome prior to 55.0.2883.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
- risk 0.61cvss 8.8epss 0.09
An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
- risk 0.61cvss 8.8epss 0.07
Type Confusion in the implementation of __defineGetter__ in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
- risk 0.61cvss 8.8epss 0.06
Integer overflow in the WebCursor::Deserialize function in content/common/cursors/webcursor.cc in Google Chrome before 47.0.2526.106 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an RGBA pixel array with crafted dimensions, a…
- risk 0.60cvss 8.8epss 0.30
Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Page 13 of 266