Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Total 12833 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-32871 5 Google, Linuxfoundation, Mediatek and 2 more 63 Android, Yocto, Mt2737 and 60 more 2025-05-05 N/A 5.3 MEDIUM
In DA, there is a possible permission bypass due to an incorrect status check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355514; Issue ID: ALPS08355514.
CVE-2023-4763 2 Debian, Google 2 Debian Linux, Chrome 2025-05-05 N/A 8.8 HIGH
Use after free in Networks in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-4369 1 Google 2 Chrome, Chrome Os 2025-05-05 N/A 8.8 HIGH
Insufficient data validation in Systems Extensions in Google Chrome on ChromeOS prior to 116.0.5845.120 allowed an attacker who convinced a user to install a malicious extension to bypass file restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-4355 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-05-05 N/A 8.8 HIGH
Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-4354 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-05-05 N/A 8.8 HIGH
Heap buffer overflow in Skia in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-4352 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-05-05 N/A 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-3421 2 Debian, Google 2 Debian Linux, Chrome 2025-05-05 N/A 8.8 HIGH
Use after free in Media in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-3420 2 Debian, Google 2 Debian Linux, Chrome 2025-05-05 N/A 8.8 HIGH
Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-3217 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-05-05 N/A 8.8 HIGH
Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-3216 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-05-05 N/A 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-3215 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-05-05 N/A 8.8 HIGH
Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-3214 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-05-05 N/A 8.8 HIGH
Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
CVE-2023-35682 1 Google 1 Android 2025-05-05 N/A 7.8 HIGH
In hasPermissionForActivity of PackageManagerHelper.java, there is a possible way to start arbitrary components due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2023-2939 2 Google, Microsoft 2 Chrome, Windows 2025-05-05 N/A 7.8 HIGH
Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. (Chromium security severity: Medium)
CVE-2023-2936 1 Google 1 Chrome 2025-05-05 N/A 8.8 HIGH
Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2935 1 Google 1 Chrome 2025-05-05 N/A 8.8 HIGH
Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2934 1 Google 1 Chrome 2025-05-05 N/A 8.8 HIGH
Out of bounds memory access in Mojo in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2933 1 Google 1 Chrome 2025-05-05 N/A 8.8 HIGH
Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
CVE-2023-2932 1 Google 1 Chrome 2025-05-05 N/A 8.8 HIGH
Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
CVE-2023-2931 1 Google 1 Chrome 2025-05-05 N/A 8.8 HIGH
Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)