Vulnerabilities > Google > Chrome > 11.0.696.68
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-17 | CVE-2024-3841 | Cross-site Scripting vulnerability in multiple products Insufficient data validation in Browser Switcher in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to inject scripts or HTML into a privileged page via a malicious file. | 6.1 |
| 2024-04-17 | CVE-2024-3843 | Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-04-17 | CVE-2024-3844 | Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted Chrome Extension. | 4.3 |
| 2024-04-17 | CVE-2024-3845 | Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass mixed content policy via a crafted HTML page. | 4.3 |
| 2024-04-17 | CVE-2024-3846 | Inappropriate implementation in Prompts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-04-17 | CVE-2024-3847 | Cross-site Scripting vulnerability in multiple products Insufficient policy enforcement in WebUI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass content security policy via a crafted HTML page. | 6.1 |
| 2024-04-10 | CVE-2024-3157 | Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. | 9.6 |
| 2024-04-10 | CVE-2024-3515 | Use After Free vulnerability in multiple products Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.5 |
| 2024-04-10 | CVE-2024-3516 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.5 |
| 2024-04-06 | CVE-2024-3156 | Unspecified vulnerability in Google Chrome Inappropriate implementation in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 8.8 |