Vulnerabilities > Google > Chrome > 127.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-18 | CVE-2024-12693 | Out-of-bounds Write vulnerability in Google Chrome Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 8.8 |
| 2024-10-15 | CVE-2024-9956 | Unspecified vulnerability in Google Chrome Inappropriate implementation in WebAuthentication in Google Chrome on Android prior to 130.0.6723.58 allowed a local attacker to perform privilege escalation via a crafted HTML page. | 7.8 |
| 2024-10-15 | CVE-2024-9958 | Unspecified vulnerability in Google Chrome Inappropriate implementation in PictureInPicture in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-10-15 | CVE-2024-9962 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Permissions in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-10-15 | CVE-2024-9963 | Unspecified vulnerability in Google Chrome Insufficient data validation in Downloads in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-10-15 | CVE-2024-9964 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Payments in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. | 4.3 |
| 2024-10-15 | CVE-2024-9965 | Unspecified vulnerability in Google Chrome Insufficient data validation in DevTools in Google Chrome on Windows prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. | 8.8 |
| 2024-10-15 | CVE-2024-9966 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Navigations in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to bypass content security policy via a crafted HTML page. | 5.3 |
| 2024-09-17 | CVE-2024-8906 | Unspecified vulnerability in Google Chrome Incorrect security UI in Downloads in Google Chrome prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-09-17 | CVE-2024-8908 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Autofill in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. | 4.3 |