Vulnerabilities > Google > Chrome > 97.0.4692.100
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-03 | CVE-2023-2465 | Inappropriate implementation in CORS in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 4.3 |
2023-05-03 | CVE-2023-2466 | Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. | 4.3 |
2023-05-03 | CVE-2023-2467 | Inappropriate implementation in Prompts in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to bypass permissions restrictions via a crafted HTML page. | 4.3 |
2023-05-03 | CVE-2023-2468 | Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page. | 4.3 |
2023-04-19 | CVE-2023-2133 | Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2023-04-19 | CVE-2023-2134 | Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in Service Worker API in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2023-04-19 | CVE-2023-2135 | Use After Free vulnerability in multiple products Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. | 7.5 |
2023-04-19 | CVE-2023-2136 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
2023-04-19 | CVE-2023-2137 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in sqlite in Google Chrome prior to 112.0.5615.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2023-04-14 | CVE-2023-2033 | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |