VYPR

Chrome

by Google

Source repositories

CVEs (5,374)

  • CVE-2026-5869MedApr 8, 2026
    risk 0.28cvss 4.3epss 0.00

    Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-5867MedApr 8, 2026
    risk 0.28cvss 4.3epss 0.00

    Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-5864MedApr 8, 2026
    risk 0.28cvss 4.3epss 0.00

    Heap buffer overflow in WebAudio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-13637MedDec 2, 2025
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in Downloads in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass download protections via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2025-13636MedDec 2, 2025
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. (Chromium security severity: Low)

  • CVE-2025-9479MedNov 14, 2025
    risk 0.28cvss 4.3epss 0.00

    Out of bounds read in V8 in Google Chrome prior to 133.0.6943.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-13107MedNov 14, 2025
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in Compositing in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2025-13102MedNov 14, 2025
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2024-7021MedNov 14, 2025
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in Autofill in Google Chrome on Windows prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2024-13178MedNov 14, 2025
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in Fullscreen in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2024-11920MedNov 14, 2025
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in Dawn in Google Chrome on Mac prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-11919MedNov 14, 2025
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in Intents in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2025-12443MedNov 10, 2025
    risk 0.28cvss 4.3epss 0.00

    Out of bounds read in WebXR in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-12441MedNov 10, 2025
    risk 0.28cvss 4.3epss 0.00

    Out of bounds read in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-12433MedNov 10, 2025
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-12911MedNov 8, 2025
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2025-11215MedNov 6, 2025
    risk 0.28cvss 4.3epss 0.00

    Off by one error in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-8583MedAug 7, 2025
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in Permissions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2025-8582MedAug 7, 2025
    risk 0.28cvss 4.3epss 0.00

    Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2025-8581MedAug 7, 2025
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

Page 164 of 269