Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Google Subscribe
Filtered by product Chrome
Total 864 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-3839 1 Google 1 Chrome 2024-05-03 N/A 6.5 MEDIUM
Out of bounds read in Fonts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
CVE-2024-3838 1 Google 1 Chrome 2024-04-23 N/A 5.5 MEDIUM
Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an attacker who convinced a user to install a malicious app to perform UI spoofing via a crafted app. (Chromium security severity: Medium)
CVE-2024-2631 2 Fedoraproject, Google 2 Fedora, Chrome 2024-04-01 N/A 4.3 MEDIUM
Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2024-2630 2 Fedoraproject, Google 2 Fedora, Chrome 2024-04-01 N/A 6.5 MEDIUM
Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2024-2629 2 Fedoraproject, Google 2 Fedora, Chrome 2024-04-01 N/A 4.3 MEDIUM
Incorrect security UI in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2024-2628 2 Fedoraproject, Google 2 Fedora, Chrome 2024-04-01 N/A 4.3 MEDIUM
Inappropriate implementation in Downloads in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted URL. (Chromium security severity: Medium)
CVE-2024-2626 2 Fedoraproject, Google 2 Fedora, Chrome 2024-04-01 N/A 6.5 MEDIUM
Out of bounds read in Swiftshader in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)
CVE-2024-0811 2 Fedoraproject, Google 2 Fedora, Chrome 2024-02-19 N/A 4.3 MEDIUM
Inappropriate implementation in Extensions API in Google Chrome prior to 121.0.6167.85 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Low)
CVE-2023-6512 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-02-15 N/A 6.5 MEDIUM
Inappropriate implementation in Web Browser UI in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially spoof the contents of an iframe dialog context menu via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-6511 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-02-15 N/A 4.3 MEDIUM
Inappropriate implementation in Autofill in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)
CVE-2022-2856 2 Fedoraproject, Google 3 Fedora, Android, Chrome 2024-02-15 N/A 6.5 MEDIUM
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page.
CVE-2021-38000 3 Debian, Fedoraproject, Google 4 Debian Linux, Fedora, Android and 1 more 2024-02-15 5.8 MEDIUM 6.1 MEDIUM
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page.
CVE-2021-30533 2 Fedoraproject, Google 2 Fedora, Chrome 2024-02-15 4.3 MEDIUM 6.5 MEDIUM
Insufficient policy enforcement in PopupBlocker in Google Chrome prior to 91.0.4472.77 allowed a remote attacker to bypass navigation restrictions via a crafted iframe.
CVE-2020-15999 5 Debian, Fedoraproject, Freetype and 2 more 5 Debian Linux, Fedora, Freetype and 2 more 2024-02-15 4.3 MEDIUM 6.5 MEDIUM
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-5786 1 Google 2 Chrome, Puppeteer 2024-02-15 4.3 MEDIUM 6.5 MEDIUM
Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
CVE-2009-2416 11 Apple, Canonical, Debian and 8 more 19 Iphone Os, Mac Os X, Mac Os X Server and 16 more 2024-02-02 4.3 MEDIUM 6.5 MEDIUM
Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework.
CVE-2023-5859 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-01-31 N/A 4.3 MEDIUM
Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. (Chromium security severity: Low)
CVE-2023-5858 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-01-31 N/A 4.3 MEDIUM
Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-5853 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-01-31 N/A 4.3 MEDIUM
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-5851 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2024-01-31 N/A 4.3 MEDIUM
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)