Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Filtered by product Chrome
Total 3652 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-16070 1 Google 1 Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Integer overflows in Skia in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-16069 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Unintended floating-point error accumulation in SwiftShader in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2018-16068 3 Debian, Google, Redhat 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more 2024-11-21 6.8 MEDIUM 9.6 CRITICAL
Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CVE-2018-16067 3 Debian, Google, Redhat 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-16066 3 Debian, Google, Redhat 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
A use after free in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-16065 3 Debian, Google, Redhat 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2018-16064 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient data validation in Extensions API in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.
CVE-2018-10229 3 Google, Lg, Mozilla 3 Chrome, Nexus 5, Firefox 2024-11-21 5.8 MEDIUM 4.8 MEDIUM
A hardware vulnerability in GPU memory modules allows attackers to accelerate micro-architectural attacks through the use of the JavaScript WebGL API.
CVE-2017-5133 2 Debian, Google 2 Debian Linux, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Off-by-one read/write on the heap in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to corrupt memory and possibly leak information and potentially execute code via a crafted PDF file.
CVE-2017-5132 2 Debian, Google 2 Debian Linux, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack manipulation.
CVE-2017-5131 2 Debian, Google 2 Debian Linux, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an out-of-bounds write.
CVE-2017-5130 3 Debian, Google, Xmlsoft 3 Debian Linux, Chrome, Libxml2 2024-11-21 6.8 MEDIUM 8.8 HIGH
An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.
CVE-2017-5129 2 Debian, Google 2 Debian Linux, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5128 2 Debian, Google 2 Debian Linux, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, related to WebGL.
CVE-2017-5127 2 Debian, Google 2 Debian Linux, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2017-5126 2 Debian, Google 2 Debian Linux, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
A use after free in PDFium in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2017-5125 2 Debian, Google 2 Debian Linux, Chrome 2024-11-21 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2017-5124 2 Debian, Google 2 Debian Linux, Chrome 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted MHTML page.
CVE-2017-5028 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Insufficient data validation in V8 in Google Chrome prior to 56.0.2924.76 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2017-15430 1 Google 1 Chrome 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
Insufficient data validation in Chromecast plugin in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.