VYPR

Chrome

by Google

Source repositories

CVEs (5,374)

  • CVE-2025-6555MedJun 24, 2025
    risk 0.35cvss 5.4epss 0.00

    Use after free in Animation in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-5283MedMay 27, 2025
    risk 0.35cvss 5.4epss 0.00

    Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-5281MedMay 27, 2025
    risk 0.35cvss 5.4epss 0.00

    Inappropriate implementation in BFCache in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially obtain user information via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-5067MedMay 27, 2025
    risk 0.35cvss 5.4epss 0.00

    Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2025-5064MedMay 27, 2025
    risk 0.35cvss 5.4epss 0.00

    Inappropriate implementation in Background Fetch API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-3074MedApr 2, 2025
    risk 0.35cvss 5.4epss 0.00

    Inappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2025-3073MedApr 2, 2025
    risk 0.35cvss 5.4epss 0.00

    Inappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2025-3072MedApr 2, 2025
    risk 0.35cvss 5.4epss 0.00

    Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2025-3071MedApr 2, 2025
    risk 0.35cvss 5.4epss 0.00

    Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2025-0996MedFeb 15, 2025
    risk 0.35cvss 5.4epss 0.00

    Inappropriate implementation in Browser UI in Google Chrome on Android prior to 133.0.6943.98 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-0445MedFeb 4, 2025
    risk 0.35cvss 5.4epss 0.00

    Use after free in V8 in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-1672MedFeb 21, 2024
    risk 0.35cvss 5.4epss 0.01

    Inappropriate implementation in Content Security Policy in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-4361MedAug 15, 2023
    risk 0.35cvss 5.3epss 0.01

    Inappropriate implementation in Autofill in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2023-4359MedAug 15, 2023
    risk 0.35cvss 5.3epss 0.01

    Inappropriate implementation in App Launcher in Google Chrome on iOS prior to 116.0.5845.96 allowed a remote attacker to potentially spoof elements of the security UI via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2022-4910MedJul 29, 2023
    risk 0.35cvss 5.4epss 0.00

    Inappropriate implementation in Autofill in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2021-21200MedJan 2, 2023
    risk 0.35cvss 5.4epss 0.00

    Out of bounds read in WebUI Settings in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chrome security severity: Low)

  • CVE-2022-3201MedSep 26, 2022
    risk 0.35cvss 5.4epss 0.01

    Insufficient validation of untrusted input in DevTools in Google Chrome on Chrome OS prior to 105.0.5195.125 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: High)

  • CVE-2021-37958MedOct 8, 2021
    risk 0.35cvss 5.4epss 0.01

    Inappropriate implementation in Navigation in Google Chrome on Windows prior to 94.0.4606.54 allowed a remote attacker to inject scripts or HTML into a privileged page via a crafted HTML page.

  • CVE-2021-30539MedJun 7, 2021
    risk 0.35cvss 5.4epss 0.01

    Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass content security policy via a crafted HTML page.

  • CVE-2020-6425MedMar 23, 2020
    risk 0.35cvss 5.4epss 0.01

    Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.149 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted Chrome Extension.

Page 154 of 269