Use after free in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
Insufficient policy enforcement in WebUI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
Inappropriate implementation in Prompts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass mixed content policy via a crafted HTML page. (Chromium security severity: Low)
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
Insufficient data validation in Browser Switcher in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to inject scripts or HTML into a privileged page via a malicious file. (Chromium security severity: Medium)
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-17
Updated
2024-04-17
Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-04-10
Updated
2024-04-15
Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-04-10
Updated
2024-04-15
Out of bounds memory access in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-04-06
Updated
2024-04-08
Use after free in Bookmarks in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-06
Updated
2024-04-08
Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-04-10
Updated
2024-04-15
Inappropriate implementation in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-04-06
Updated
2024-04-08
Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-26
Updated
2024-03-29
Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-26
Updated
2024-03-29
Use after free in Dawn in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-26
Updated
2024-03-29
Use after free in ANGLE in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-26
Updated
2024-03-29
Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
Max CVSS
4.3
EPSS Score
0.05%
Published
2024-03-20
Updated
2024-04-01
Incorrect security UI in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
4.3
EPSS Score
0.05%
Published
2024-03-20
Updated
2024-04-01
Inappropriate implementation in Downloads in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted URL. (Chromium security severity: Medium)
Max CVSS
4.3
EPSS Score
0.05%
Published
2024-03-20
Updated
2024-04-01
Use after free in Performance Manager in Google Chrome prior to 122.0.6261.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-13
Updated
2024-03-16
Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-06
Updated
2024-03-23