Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max Base Score
8.8
Published
2023-11-15
Updated
2023-11-28
EPSS
0.24%
Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max Base Score
8.8
Published
2023-11-15
Updated
2023-11-28
EPSS
0.23%
Use after free in WebAudio in Google Chrome prior to 119.0.6045.123 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max Base Score
8.8
Published
2023-11-08
Updated
2023-11-25
EPSS
0.21%
Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. (Chromium security severity: Low)
Max Base Score
4.3
Published
2023-11-01
Updated
2023-11-25
EPSS
0.20%
Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)
Max Base Score
4.3
Published
2023-11-01
Updated
2023-11-25
EPSS
0.15%
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially execute arbitrary code via a malicious file. (Chromium security severity: Medium)
Max Base Score
8.8
Published
2023-11-01
Updated
2023-11-25
EPSS
0.55%
Use after free in Side Panel in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Max Base Score
8.8
Published
2023-11-01
Updated
2023-11-25
EPSS
0.24%
Use after free in Reading Mode in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)
Max Base Score
8.8
Published
2023-11-01
Updated
2023-11-25
EPSS
0.18%
Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)
Max Base Score
8.8
Published
2023-11-01
Updated
2023-11-25
EPSS
0.18%
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)
Max Base Score
4.3
Published
2023-11-01
Updated
2023-11-25
EPSS
0.20%
Use after free in Printing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)
Max Base Score
8.8
Published
2023-11-01
Updated
2023-11-25
EPSS
0.18%
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)
Max Base Score
4.3
Published
2023-11-01
Updated
2023-11-25
EPSS
0.20%
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)
Max Base Score
4.3
Published
2023-11-01
Updated
2023-11-25
EPSS
0.13%
Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Max Base Score
8.8
Published
2023-11-01
Updated
2023-11-25
EPSS
0.24%
Inappropriate implementation in Fullscreen in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)
Max Base Score
6.5
Published
2023-10-11
Updated
2023-11-25
EPSS
0.06%
Inappropriate implementation in Input in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)
Max Base Score
4.3
Published
2023-10-11
Updated
2023-11-25
EPSS
0.08%
Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. (Chromium security severity: Low)
Max Base Score
4.3
Published
2023-10-11
Updated
2023-11-25
EPSS
0.08%
Inappropriate implementation in Navigation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
Max Base Score
6.5
Published
2023-10-11
Updated
2023-11-25
EPSS
0.13%
Inappropriate implementation in Intents in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)
Max Base Score
6.5
Published
2023-10-11
Updated
2023-11-25
EPSS
0.08%
Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Max Base Score
8.8
Published
2023-11-01
Updated
2023-11-25
EPSS
0.20%
Inappropriate implementation in Downloads in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)
Max Base Score
6.5
Published
2023-10-11
Updated
2023-11-25
EPSS
0.08%
Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS preventions via a malicious file. (Chromium security severity: High)
Max Base Score
6.1
Published
2023-11-01
Updated
2023-11-25
EPSS
0.14%
Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)
Max Base Score
6.5
Published
2023-10-11
Updated
2023-11-25
EPSS
0.05%
Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
Max Base Score
4.3
Published
2023-10-11
Updated
2023-11-25
EPSS
0.08%
Inappropriate implementation in Installer in Google Chrome prior to 118.0.5993.70 allowed a local attacker to bypass discretionary access control via a crafted command. (Chromium security severity: Low)
Max Base Score
4.3
Published
2023-10-11
Updated
2023-11-25
EPSS
0.05%
3278 vulnerabilities found
1
2
3
4
5
6 ......
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132