Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Max CVSS
9.6
EPSS Score
0.20%
Published
2021-11-02
Updated
2022-02-18
Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.32%
Published
2021-11-02
Updated
2022-02-18
Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.32%
Published
2021-11-02
Updated
2022-02-18
Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.22%
Published
2021-11-02
Updated
2022-02-19
Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had convinced a user to allow for connection to debugger to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.32%
Published
2021-11-02
Updated
2022-02-12
Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to engage with Dev Tools to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.22%
Published
2021-11-02
Updated
2022-02-12
Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.32%
Published
2021-11-02
Updated
2022-02-12
Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who convinced a user to engage in specific gestures to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.32%
Published
2021-11-02
Updated
2022-02-12
Inappropriate implementation in Blink in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to abuse content security policy via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.18%
Published
2021-11-02
Updated
2022-02-12
Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote attacker to leak cross-origin data via a crafted app.
Max CVSS
5.5
EPSS Score
0.11%
Published
2021-11-02
Updated
2022-02-12
Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
7.5
EPSS Score
0.22%
Published
2021-11-02
Updated
2022-02-18
Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.22%
Published
2021-11-02
Updated
2022-02-18
Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
8.8
EPSS Score
0.32%
Published
2021-11-02
Updated
2022-02-18
Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.14%
Published
2021-11-02
Updated
2022-02-28
Inappropriate implementation in WebApp Installer in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially overlay and spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Max CVSS
6.5
EPSS Score
0.18%
Published
2021-11-02
Updated
2022-02-28
Insufficient validation of untrusted input Downloads in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to bypass navigation restrictions via a malicious file.
Max CVSS
5.5
EPSS Score
0.11%
Published
2021-11-02
Updated
2022-02-28
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!