Vulnerabilities > Google > Chrome > 90.0.4430.85
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-06 | CVE-2024-7535 | Out-of-bounds Write vulnerability in Google Chrome Inappropriate implementation in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-08-06 | CVE-2024-6999 | Unspecified vulnerability in Google Chrome Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-08-06 | CVE-2024-7004 | Unspecified vulnerability in Google Chrome Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. | 4.3 |
| 2024-08-01 | CVE-2024-6990 | Use of Uninitialized Resource vulnerability in Google Chrome Uninitialized Use in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 8.8 |
| 2024-08-01 | CVE-2024-7255 | Out-of-bounds Read vulnerability in Google Chrome Out of bounds read in WebTransport in Google Chrome prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 8.8 |
| 2024-08-01 | CVE-2024-7256 | Unspecified vulnerability in Google Chrome Insufficient data validation in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | 8.8 |
| 2024-07-16 | CVE-2023-4860 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Skia in Google Chrome prior to 115.0.5790.98 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
| 2024-07-16 | CVE-2023-7010 | Use After Free vulnerability in Google Chrome Use after free in WebRTC in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-07-16 | CVE-2023-7011 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Picture in Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 6.5 |
| 2024-07-16 | CVE-2023-7012 | Unspecified vulnerability in Google Chrome Insufficient data validation in Permission Prompts in Google Chrome prior to 117.0.5938.62 allowed an attacker who convinced a user to install a malicious app to potentially perform a sandbox escape via a malicious file. | 9.6 |