Filtered by vendor Google
Subscriptions
Filtered by product Chrome
Subscriptions
Total
3544 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-8909 | 2 Apple, Google | 2 Iphone Os, Chrome | 2024-09-23 | 4.3 Medium |
Inappropriate implementation in UI in Google Chrome on iOS prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | ||||
CVE-2024-8906 | 1 Google | 1 Chrome | 2024-09-23 | 4.3 Medium |
Incorrect security UI in Downloads in Google Chrome prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | ||||
CVE-2024-8904 | 1 Google | 1 Chrome | 2024-09-20 | 8.8 High |
Type Confusion in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-8905 | 1 Google | 1 Chrome | 2024-09-20 | 8.8 High |
Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: Medium) | ||||
CVE-2024-7965 | 2 Google, Microsoft | 2 Chrome, Edge Chromium | 2024-09-18 | 8.8 High |
Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-8639 | 1 Google | 2 Android, Chrome | 2024-09-13 | 8.8 High |
Use after free in Autofill in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-8638 | 1 Google | 1 Chrome | 2024-09-13 | 8.8 High |
Type Confusion in V8 in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-8637 | 1 Google | 2 Android, Chrome | 2024-09-13 | 8.8 High |
Use after free in Media Router in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-8636 | 1 Google | 1 Chrome | 2024-09-13 | 8.8 High |
Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-7969 | 1 Google | 1 Chrome | 2024-09-06 | 8.8 High |
Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-7970 | 1 Google | 1 Chrome | 2024-09-05 | 8.8 High |
Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-8362 | 1 Google | 1 Chrome | 2024-09-05 | 8.8 High |
Use after free in WebAudio in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-8194 | 1 Google | 1 Chrome | 2024-09-05 | 7.5 High |
Type Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-8193 | 1 Google | 1 Chrome | 2024-09-05 | 8.8 High |
Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-8033 | 2 Google, Microsoft | 2 Chrome, Windows | 2024-08-27 | 4.3 Medium |
Inappropriate implementation in WebApp Installs in Google Chrome on Windows prior to 128.0.6613.84 allowed an attacker who convinced a user to install a malicious application to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | ||||
CVE-2024-7968 | 1 Google | 1 Chrome | 2024-08-27 | 8.8 High |
Use after free in Autofill in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had convinced the user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-7967 | 1 Google | 1 Chrome | 2024-08-27 | 8.8 High |
Heap buffer overflow in Fonts in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-7966 | 1 Google | 1 Chrome | 2024-08-27 | 8.8 High |
Out of bounds memory access in Skia in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-7964 | 1 Google | 2 Android, Chrome | 2024-08-27 | 8.8 High |
Use after free in Passwords in Google Chrome on Android prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
CVE-2024-7980 | 2 Google, Microsoft | 2 Chrome, Windows | 2024-08-26 | 7.3 High |
Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a crafted symbolic link. (Chromium security severity: Medium) |