Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Google Subscribe
Total 10294 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-5056 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2022-04-11 6.8 MEDIUM 8.8 HIGH
A use after free in Blink in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
CVE-2017-5054 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2022-04-11 6.8 MEDIUM 8.8 HIGH
An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to obtain heap memory contents via a crafted HTML page.
CVE-2017-5053 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2022-04-11 6.8 MEDIUM 9.6 CRITICAL
An out-of-bounds read in V8 in Google Chrome prior to 57.0.2987.133 for Linux, Windows, and Mac, and 57.0.2987.132 for Android, allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, related to Array.prototype.indexOf.
CVE-2020-6381 6 Debian, Fedoraproject, Google and 3 more 11 Debian Linux, Fedora, Android and 8 more 2022-04-11 6.8 MEDIUM 8.8 HIGH
Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6382 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2022-04-11 6.8 MEDIUM 8.8 HIGH
Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2017-5052 5 Apple, Google, Linux and 2 more 8 Macos, Android, Chrome and 5 more 2022-04-11 6.8 MEDIUM 8.8 HIGH
An incorrect assumption about block structure in Blink in Google Chrome prior to 57.0.2987.133 for Mac, Windows, and Linux, and 57.0.2987.132 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted HTML page that triggers improper casting.
CVE-2020-6385 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2022-04-11 6.8 MEDIUM 8.8 HIGH
Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a crafted HTML page.
CVE-2020-6390 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2022-04-11 6.8 MEDIUM 8.8 HIGH
Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2020-6391 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2022-04-11 4.3 MEDIUM 4.3 MEDIUM
Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to bypass content security policy via a crafted HTML page.
CVE-2020-6396 6 Debian, Fedoraproject, Google and 3 more 9 Debian Linux, Fedora, Chrome and 6 more 2022-04-11 4.3 MEDIUM 4.3 MEDIUM
Inappropriate implementation in Skia in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2022-0459 1 Google 1 Chrome 2022-04-11 6.8 MEDIUM 8.8 HIGH
Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0470 1 Google 1 Chrome 2022-04-11 6.8 MEDIUM 8.8 HIGH
Out of bounds memory access in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0457 1 Google 1 Chrome 2022-04-11 6.8 MEDIUM 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0455 1 Google 2 Android, Chrome 2022-04-11 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 98.0.4758.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2022-0607 1 Google 1 Chrome 2022-04-11 6.8 MEDIUM 8.8 HIGH
Use after free in GPU in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0605 1 Google 1 Chrome 2022-04-11 6.8 MEDIUM 8.8 HIGH
Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0610 1 Google 1 Chrome 2022-04-11 6.8 MEDIUM 8.8 HIGH
Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2022-0452 1 Google 1 Chrome 2022-04-11 6.8 MEDIUM 9.6 CRITICAL
Use after free in Safe Browsing in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
CVE-2017-5130 3 Debian, Google, Xmlsoft 3 Debian Linux, Chrome, Libxml2 2022-04-08 6.8 MEDIUM 8.8 HIGH
An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file.
CVE-2022-0454 1 Google 1 Chrome 2022-04-08 6.8 MEDIUM 8.8 HIGH
Heap buffer overflow in ANGLE in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.