VYPR

V8

by Google

Source repositories

CVEs (108)

  • CVE-2016-1688MedJun 5, 2016
    risk 0.42cvss 6.5epss 0.02

    The regexp (aka regular expression) implementation in Google V8 before 5.0.71.40, as used in Google Chrome before 51.0.2704.63, mishandles external string sizes, which allows remote attackers to cause a denial of service (out-of-bounds read) via crafted JavaScript code.

  • CVE-2016-1677MedJun 5, 2016
    risk 0.42cvss 6.5epss 0.03

    uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote attackers to obtain sensitive information by calling the decodeURI function and leveraging "type confusion."

  • CVE-2016-1665MedMay 14, 2016
    risk 0.42cvss 6.5epss 0.02

    The JSGenericLowering class in compiler/js-generic-lowering.cc in Google V8, as used in Google Chrome before 50.0.2661.94, mishandles comparison operators, which allows remote attackers to obtain sensitive information via crafted JavaScript code.

  • CVE-2016-5219MedJan 19, 2017
    risk 0.41cvss 6.3epss 0.01

    A heap use after free in V8 in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2026-7999MedMay 6, 2026
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2017-15392MedFeb 7, 2018
    risk 0.28cvss 4.3epss 0.01

    Insufficient data validation in V8 in Google Chrome prior to 62.0.3202.62 allowed an attacker who can write to the Windows Registry to potentially exploit heap corruption via a crafted Windows Registry entry, related to PlatformIntegration.

  • CVE-2023-4427Aug 22, 2023
    risk 0.07cvss epss 0.34

    Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-1939Feb 29, 2024
    risk 0.04cvss epss 0.03

    Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2021-21118Feb 9, 2021
    risk 0.02cvss epss 0.17

    Insufficient data validation in V8 in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

  • CVE-2021-30517Jun 4, 2021
    risk 0.01cvss epss 0.03

    Type confusion in V8 in Google Chrome prior to 90.0.4430.212 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2020-15965Sep 21, 2020
    risk 0.01cvss epss 0.03

    Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

  • CVE-2025-11215Nov 6, 2025
    risk 0.00cvss epss 0.00

    Off by one error in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-0611Jan 22, 2025
    risk 0.00cvss epss 0.00

    Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-12053Dec 3, 2024
    risk 0.00cvss epss 0.01

    Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2024-7024Sep 23, 2024
    risk 0.00cvss epss 0.00

    Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2024-5158May 22, 2024
    risk 0.00cvss epss 0.01

    Type Confusion in V8 in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to potentially perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2022-0457Apr 5, 2022
    risk 0.00cvss epss 0.01

    Type confusion in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2022-0102Feb 11, 2022
    risk 0.00cvss epss 0.01

    Type confusion in V8 in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-38007Dec 23, 2021
    risk 0.00cvss epss 0.01

    Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • CVE-2021-30561Aug 3, 2021
    risk 0.00cvss epss 0.05

    Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Page 2 of 6