Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-04-10
Updated
2024-04-15
Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-04-10
Updated
2024-04-15
Out of bounds memory access in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-06
Updated
2024-04-08
Use after free in Bookmarks in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-06
Updated
2024-04-08
Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-04-10
Updated
2024-04-15
Inappropriate implementation in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-06
Updated
2024-04-08
Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-26
Updated
2024-03-29
Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-26
Updated
2024-03-29
Use after free in Dawn in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-26
Updated
2024-03-29
Use after free in ANGLE in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-26
Updated
2024-03-29
Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
Max CVSS
4.3
EPSS Score
0.05%
Published
2024-03-20
Updated
2024-04-01
Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
6.5
EPSS Score
0.05%
Published
2024-03-20
Updated
2024-04-01
Incorrect security UI in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
4.3
EPSS Score
0.05%
Published
2024-03-20
Updated
2024-04-01
Inappropriate implementation in Downloads in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted URL. (Chromium security severity: Medium)
Max CVSS
4.3
EPSS Score
0.05%
Published
2024-03-20
Updated
2024-04-01
Out of bounds read in Swiftshader in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
6.5
EPSS Score
0.05%
Published
2024-03-20
Updated
2024-04-01
Use after free in Performance Manager in Google Chrome prior to 122.0.6261.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-13
Updated
2024-03-16
Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-06
Updated
2024-03-23
Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-06
Updated
2024-03-23
Out of bounds memory access in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-06
Updated
2024-03-23
Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-29
Updated
2024-03-07
Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-29
Updated
2024-03-07
Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-21
Updated
2024-02-26
Insufficient policy enforcement in Download in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-21
Updated
2024-02-26
Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-21
Updated
2024-02-26
Use after free in Accessibility in Google Chrome prior to 122.0.6261.57 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-21
Updated
2024-02-26