Heap-based buffer overflow in the WebGL subsystem in Google Chrome OS before 23.0.1271.94 allows remote attackers to cause a denial of service (GPU process crash) or possibly have unspecified other impact via unknown vectors.
Max CVSS
7.5
EPSS Score
0.43%
Published
2012-12-04
Updated
2018-10-30
Inappropriate implementation in Bookmarks in Google Chrome prior to 59 for iOS allowed a remote attacker who convinced the user to perform certain operations to run JavaScript on chrome:// pages via a crafted bookmark.
Max CVSS
6.1
EPSS Score
0.44%
Published
2017-10-27
Updated
2018-01-05
Out of bounds memory access in Blink in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-21
Updated
2024-02-26
Use after free in Mojo in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-21
Updated
2024-02-26
Inappropriate implementation in Site Isolation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-21
Updated
2024-02-26
Inappropriate implementation in Content Security Policy in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-21
Updated
2024-02-26
Use after free in Accessibility in Google Chrome prior to 122.0.6261.57 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-21
Updated
2024-02-26
Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-21
Updated
2024-02-26
Insufficient policy enforcement in Download in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Medium)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-21
Updated
2024-02-26
Inappropriate implementation in Navigation in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-21
Updated
2024-02-26
Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-29
Updated
2024-03-07
Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-02-29
Updated
2024-03-07
Out of bounds memory access in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-06
Updated
2024-03-23
Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-06
Updated
2024-03-23
Use after free in FedCM in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max CVSS
N/A
EPSS Score
0.05%
Published
2024-03-06
Updated
2024-03-23
15 vulnerabilities found