Vulnerabilities > Google > Chrome > 124.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-06 | CVE-2024-7001 | Unspecified vulnerability in Google Chrome Inappropriate implementation in HTML in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-07-16 | CVE-2024-6779 | Out-of-bounds Write vulnerability in Google Chrome Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2024-06-11 | CVE-2024-5836 | Inappropriate Implementation in DevTools in Google Chrome prior to 126.0.6478.54 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. | 8.8 |
| 2024-06-11 | CVE-2024-5840 | Policy bypass in CORS in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. | 6.5 |
| 2024-06-11 | CVE-2024-5844 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Tab Strip in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | 8.8 |
| 2024-05-22 | CVE-2024-5157 | Use After Free vulnerability in multiple products Use after free in Scheduling in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 8.8 |
| 2024-05-15 | CVE-2024-4950 | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. | 6.5 |
| 2024-05-01 | CVE-2024-4058 | Type Confusion vulnerability in multiple products Type confusion in ANGLE in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-05-01 | CVE-2024-4059 | Out-of-bounds Read vulnerability in multiple products Out of bounds read in V8 API in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to leak cross-site data via a crafted HTML page. | 6.5 |
| 2024-05-01 | CVE-2024-4368 | Use After Free vulnerability in multiple products Use after free in Dawn in Google Chrome prior to 124.0.6367.118 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |