Vulnerabilities > Google > Chrome > 116.0.5845.187

DATE CVE VULNERABILITY TITLE RISK
2024-05-01 CVE-2024-4331 Use After Free vulnerability in multiple products
Use after free in Picture In Picture in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-05-01 CVE-2024-4368 Use After Free vulnerability in multiple products
Use after free in Dawn in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
8.8
8.8
2024-04-17 CVE-2024-3914 Use After Free vulnerability in multiple products
Use after free in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google fedoraproject CWE-416
6.5
6.5
2024-04-17 CVE-2024-3832 Object corruption in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
network
low complexity
google fedoraproject
8.8
8.8
2024-04-17 CVE-2024-3833 Object corruption in WebAssembly in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
network
low complexity
google fedoraproject
8.8
8.8
2024-04-17 CVE-2024-3840 Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
network
low complexity
google fedoraproject
7.5
7.5
2024-04-17 CVE-2024-3841 Cross-site Scripting vulnerability in multiple products
Insufficient data validation in Browser Switcher in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to inject scripts or HTML into a privileged page via a malicious file.
network
low complexity
google fedoraproject CWE-79
6.1
6.1
2024-04-17 CVE-2024-3843 Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page.
network
low complexity
google fedoraproject
4.3
4.3
2024-04-17 CVE-2024-3844 Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted Chrome Extension.
network
low complexity
google fedoraproject
4.3
4.3
2024-04-17 CVE-2024-3845 Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass mixed content policy via a crafted HTML page.
network
low complexity
google fedoraproject
4.3
4.3