Vulnerabilities > Google > Chrome

DATE CVE VULNERABILITY TITLE RISK
2024-09-23 CVE-2018-20072 Unspecified vulnerability in Google Chrome
Insufficient data validation in PDF in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform out of bounds memory access via a crafted PDF file.
local
low complexity
google
7.8
2024-09-17 CVE-2024-8906 Unspecified vulnerability in Google Chrome
Incorrect security UI in Downloads in Google Chrome prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page.
network
low complexity
google
4.3
2024-09-17 CVE-2024-8907 Cross-site Scripting vulnerability in Google Chrome
Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (XSS) via a crafted set of UI gestures.
network
low complexity
google CWE-79
6.1
2024-09-17 CVE-2024-8908 Unspecified vulnerability in Google Chrome
Inappropriate implementation in Autofill in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page.
network
low complexity
google
4.3
2024-09-17 CVE-2024-8909 Unspecified vulnerability in Google Chrome
Inappropriate implementation in UI in Google Chrome on iOS prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page.
network
low complexity
google
4.3
2024-09-11 CVE-2024-8636 Out-of-bounds Write vulnerability in Google Chrome
Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-787
8.8
2024-09-11 CVE-2024-8637 Use After Free vulnerability in Google Chrome
Use after free in Media Router in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
8.8
2024-09-11 CVE-2024-8638 Type Confusion vulnerability in Google Chrome
Type Confusion in V8 in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
network
low complexity
google CWE-843
8.8
2024-09-11 CVE-2024-8639 Use After Free vulnerability in Google Chrome
Use after free in Autofill in Google Chrome on Android prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-416
8.8
2024-08-28 CVE-2024-8193 Out-of-bounds Write vulnerability in Google Chrome
Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-787
8.8