Total
3309 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-5786 | 1 Google | 2 Chrome, Puppeteer | 2024-02-15 | 4.3 MEDIUM | 6.5 MEDIUM |
Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | |||||
CVE-2020-6572 | 1 Google | 1 Chrome | 2024-02-15 | 9.3 HIGH | 8.8 HIGH |
Use after free in Media in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | |||||
CVE-2019-13720 | 1 Google | 1 Chrome | 2024-02-15 | 6.8 MEDIUM | 8.8 HIGH |
Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2024-1283 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-02-14 | N/A | 9.8 CRITICAL |
Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2024-1284 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-02-14 | N/A | 9.8 CRITICAL |
Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2023-4762 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-02-07 | N/A | 8.8 HIGH |
Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2014-1745 | 1 Google | 1 Chrome | 2024-02-06 | 7.5 HIGH | N/A |
Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related to core/svg/SVGFontFaceElement.cpp. | |||||
CVE-2024-1059 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-02-05 | N/A | 8.8 HIGH |
Use after free in Peer Connection in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2024-1060 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-02-05 | N/A | 8.8 HIGH |
Use after free in Canvas in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2024-1077 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-02-05 | N/A | 8.8 HIGH |
Use after free in Network in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High) | |||||
CVE-2023-3728 | 1 Google | 1 Chrome | 2024-02-05 | N/A | 8.8 HIGH |
Use after free in WebRTC in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2023-3733 | 1 Google | 1 Chrome | 2024-02-05 | N/A | 4.3 MEDIUM |
Inappropriate implementation in WebApp Installs in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2023-3727 | 1 Google | 1 Chrome | 2024-02-05 | N/A | 8.8 HIGH |
Use after free in WebRTC in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2023-3732 | 1 Google | 1 Chrome | 2024-02-05 | N/A | 8.8 HIGH |
Out of bounds memory access in Mojo in Google Chrome prior to 115.0.5790.98 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2023-3730 | 1 Google | 1 Chrome | 2024-02-05 | N/A | 8.8 HIGH |
Use after free in Tab Groups in Google Chrome prior to 115.0.5790.98 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2023-3731 | 1 Google | 2 Chrome, Chrome Os | 2024-02-05 | N/A | 8.8 HIGH |
Use after free in Diagnostics in Google Chrome on ChromeOS prior to 115.0.5790.131 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High) | |||||
CVE-2023-3729 | 1 Google | 2 Chrome, Chrome Os | 2024-02-05 | N/A | 8.8 HIGH |
Use after free in Splitscreen in Google Chrome on ChromeOS prior to 115.0.5790.131 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. (Chromium security severity: High) | |||||
CVE-2024-0814 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-02-05 | N/A | 6.5 MEDIUM |
Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2024-0809 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-02-05 | N/A | 4.3 MEDIUM |
Inappropriate implementation in Autofill in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low) | |||||
CVE-2023-5996 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-02-05 | N/A | 8.8 HIGH |
Use after free in WebAudio in Google Chrome prior to 119.0.6045.123 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |