VYPR

Chrome

by Google

Source repositories

CVEs (5,373)

  • CVE-2016-5166LowSep 11, 2016
    risk 0.20cvss 3.1epss 0.01

    The download implementation in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly restrict saving a file:// URL that is referenced by an http:// URL, which makes it easier for user-assisted remote attackers to discover…

  • CVE-2026-2441KEVFeb 13, 2026
    risk 0.17cvss epss 0.22

    Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-4863HigKEVSep 12, 2023
    risk 0.13cvss 8.8epss 1.00

    Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2026-3910KEVMar 12, 2026
    risk 0.12cvss epss 0.02

    Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-3909KEVMar 12, 2026
    risk 0.12cvss epss 0.02

    Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-14174KEVDec 12, 2025
    risk 0.12cvss epss 0.22

    Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-13223KEVNov 17, 2025
    risk 0.12cvss epss 0.05

    Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2025-10585KEVSep 24, 2025
    risk 0.12cvss epss 0.05

    Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2011-3389Sep 6, 2011
    risk 0.09cvss epss 0.73

    The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to…

  • CVE-2023-5217HigKEVSep 28, 2023
    risk 0.08cvss 8.8epss 0.34

    Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2010-1663May 3, 2010
    risk 0.07cvss epss 0.54

    The Google URL Parsing Library (aka google-url or GURL) in Google Chrome before 4.1.249.1064 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.

  • CVE-2011-3026Feb 16, 2012
    risk 0.06cvss epss 0.73

    Integer overflow in libpng, as used in Google Chrome before 17.0.963.56, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation.

  • CVE-2015-6787Dec 6, 2015
    risk 0.04cvss epss 0.08

    Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.73 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

  • CVE-2015-6763Oct 15, 2015
    risk 0.04cvss epss 0.07

    Multiple unspecified vulnerabilities in Google Chrome before 46.0.2490.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

  • CVE-2015-1265May 20, 2015
    risk 0.04cvss epss 0.08

    Multiple unspecified vulnerabilities in Google Chrome before 43.0.2357.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

  • CVE-2014-7910Nov 19, 2014
    risk 0.04cvss epss 0.08

    Multiple unspecified vulnerabilities in Google Chrome before 39.0.2171.65 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

  • CVE-2013-2842May 22, 2013
    risk 0.04cvss epss 0.12

    Use-after-free vulnerability in Google Chrome before 27.0.1453.93 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of widgets.

  • CVE-2010-2300Jun 15, 2010
    risk 0.04cvss epss 0.09

    Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to handlers…

  • CVE-2010-1029Mar 19, 2010
    risk 0.04cvss epss 0.10

    Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Safari 4.0.4, Apple Safari on iPhone OS and iPhone OS for iPod touch, and Google Chrome 4.0.249, allows remote attackers to cause a denial of service (application crash) or possibly…

  • CVE-2010-0655Feb 18, 2010
    risk 0.04cvss epss 0.07

    Use-after-free vulnerability in Google Chrome before 4.0.249.78 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving the display of a blocked popup window during navigation to a different…

Page 178 of 269