Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
9.8
EPSS Score
0.09%
Published
2024-02-07
Updated
2024-02-14

CVE-2023-6345

Known exploited
Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)
Max CVSS
9.6
EPSS Score
5.21%
Published
2023-11-29
Updated
2024-01-31
CISA KEV Added
2023-11-30

CVE-2023-2136

Known exploited
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Max CVSS
9.6
EPSS Score
0.44%
Published
2023-04-19
Updated
2023-10-20
CISA KEV Added
2023-04-21
Heap buffer overflow in Blink in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Max CVSS
9.6
EPSS Score
0.08%
Published
2023-07-29
Updated
2023-08-19

CVE-2022-4135

Known exploited
Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Max CVSS
9.6
EPSS Score
2.23%
Published
2022-11-25
Updated
2024-02-15
CISA KEV Added
2022-11-28
Heap buffer overflow in Crashpad in Google Chrome on Android prior to 107.0.5304.106 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Max CVSS
9.6
EPSS Score
0.17%
Published
2022-11-09
Updated
2022-12-08
Heap buffer overflow in fingerprint recognition in Google Chrome on ChromeOS prior to 96.0.4664.45 allowed a remote attacker who had compromised a WebUI renderer process to potentially perform a sandbox escape via a crafted HTML page.
Max CVSS
9.6
EPSS Score
0.53%
Published
2021-12-23
Updated
2022-02-19
Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Max CVSS
9.6
EPSS Score
0.20%
Published
2021-11-02
Updated
2022-02-18
Integer overflow in Mojo in Google Chrome prior to 90.0.4430.85 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Max CVSS
9.6
EPSS Score
1.32%
Published
2021-04-26
Updated
2021-06-01
Heap buffer overflow in Tab Strip in Google Chrome on Windows prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Max CVSS
9.6
EPSS Score
0.45%
Published
2021-02-22
Updated
2021-12-10
Heap buffer overflow in Tab Strip in Google Chrome prior to 88.0.4324.182 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Max CVSS
9.6
EPSS Score
0.45%
Published
2021-02-22
Updated
2021-12-10
Heap buffer overflow in clipboard in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Max CVSS
9.6
EPSS Score
0.24%
Published
2021-01-08
Updated
2021-02-25
Heap buffer overflow in UI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Max CVSS
9.6
EPSS Score
0.24%
Published
2021-01-08
Updated
2021-02-25
Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
Max CVSS
9.6
EPSS Score
0.62%
Published
2020-11-03
Updated
2021-03-11
Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.4147.135 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
9.3
EPSS Score
0.78%
Published
2020-09-21
Updated
2022-06-29
Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.125 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
9.3
EPSS Score
0.30%
Published
2020-09-21
Updated
2021-01-27
Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
9.3
EPSS Score
0.56%
Published
2020-07-22
Updated
2021-01-27
Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
9.3
EPSS Score
0.73%
Published
2020-07-22
Updated
2021-07-21
Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
9.3
EPSS Score
0.66%
Published
2020-07-22
Updated
2021-07-21
Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Max CVSS
9.3
EPSS Score
0.66%
Published
2020-07-22
Updated
2021-03-12
An integer overflow that leads to a use-after-free in WebMIDI in Google Chrome on Windows prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
Max CVSS
9.3
EPSS Score
1.77%
Published
2019-05-23
Updated
2022-10-11
An integer overflow that leads to a use-after-free in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page.
Max CVSS
9.3
EPSS Score
1.71%
Published
2019-05-23
Updated
2022-10-11
A stack buffer overflow in the QUIC networking stack in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to gain code execution via a malicious server.
Max CVSS
9.8
EPSS Score
11.57%
Published
2018-08-28
Updated
2018-11-07
Heap-based buffer overflow in the opj_j2k_read_SQcd_SQcc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JPEG 2000 data.
Max CVSS
9.8
EPSS Score
2.13%
Published
2016-08-07
Updated
2017-07-01
The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.
Max CVSS
9.3
EPSS Score
3.47%
Published
2016-05-14
Updated
2023-01-19
76 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!