VYPR

Chrome

by Google

Source repositories

CVEs (5,416)

  • CVE-2023-4077HigAug 3, 2023
    risk 0.57cvss 8.8epss 0.01

    Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)

  • CVE-2023-4076HigAug 3, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebRTC in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC session. (Chromium security severity: High)

  • CVE-2023-4075HigAug 3, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Cast in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-4074HigAug 3, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Blink Task Scheduling in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-4073HigAug 3, 2023
    risk 0.57cvss 8.8epss 0.01

    Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-4072HigAug 3, 2023
    risk 0.57cvss 8.8epss 0.01

    Out of bounds read and write in WebGL in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-4071HigAug 3, 2023
    risk 0.57cvss 8.8epss 0.01

    Heap buffer overflow in Visuals in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-3732HigAug 1, 2023
    risk 0.57cvss 8.8epss 0.01

    Out of bounds memory access in Mojo in Google Chrome prior to 115.0.5790.98 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-3731HigAug 1, 2023
    risk 0.57cvss 8.8epss 0.00

    Use after free in Diagnostics in Google Chrome on ChromeOS prior to 115.0.5790.131 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)

  • CVE-2023-3730HigAug 1, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Tab Groups in Google Chrome prior to 115.0.5790.98 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-3729HigAug 1, 2023
    risk 0.57cvss 8.8epss 0.00

    Use after free in Splitscreen in Google Chrome on ChromeOS prior to 115.0.5790.131 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. (Chromium security severity: High)

  • CVE-2023-3728HigAug 1, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebRTC in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-3727HigAug 1, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in WebRTC in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2023-2313HigJul 29, 2023
    risk 0.57cvss 8.8epss 0.01

    Inappropriate implementation in Sandbox in Google Chrome on Windows prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a malicious file. (Chromium security severity: High)

  • CVE-2022-4921HigJul 29, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Accessibility in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2022-4919HigJul 29, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Base Internals in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-4918HigJul 29, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in UI in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2022-4916HigJul 29, 2023
    risk 0.57cvss 8.8epss 0.01

    Use after free in Media in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-4914HigJul 29, 2023
    risk 0.57cvss 8.8epss 0.00

    Heap buffer overflow in PrintPreview in Google Chrome prior to 104.0.5112.79 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2022-4912HigJul 29, 2023
    risk 0.57cvss 8.8epss 0.01

    Type Confusion in MathML in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Page 48 of 271