Vulnerabilities > Google > Chrome > 104.0.5112.103

DATE CVE VULNERABILITY TITLE RISK
2023-09-12 CVE-2023-4908 Inappropriate implementation in Picture in Picture in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
2023-09-12 CVE-2023-4909 Inappropriate implementation in Interstitials in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page.
network
low complexity
google fedoraproject debian
4.3
2023-09-12 CVE-2023-4863 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
8.8
2023-09-05 CVE-2023-4761 Out-of-bounds Read vulnerability in multiple products
Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-125
8.1
2023-09-05 CVE-2023-4762 Type Confusion vulnerability in multiple products
Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
network
low complexity
google debian fedoraproject microsoft CWE-843
8.8
2023-09-05 CVE-2023-4763 Use After Free vulnerability in multiple products
Use after free in Networks in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google debian CWE-416
8.8
2023-09-05 CVE-2023-4764 Incorrect security UI in BFCache in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
network
low complexity
google debian
6.5
2023-08-29 CVE-2023-4572 Use After Free vulnerability in multiple products
Use after free in MediaStream in Google Chrome prior to 116.0.5845.140 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject debian CWE-416
8.8
2023-08-25 CVE-2022-4452 Unspecified vulnerability in Google Chrome
Insufficient data validation in crosvm in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
network
low complexity
google
8.8
2023-08-23 CVE-2023-4427 Out-of-bounds Read vulnerability in multiple products
Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
network
low complexity
google fedoraproject CWE-125
8.1