Vulnerabilities > Google > Chrome
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-08-21 | CVE-2024-7973 | Out-of-bounds Write vulnerability in Google Chrome Heap buffer overflow in PDFium in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. | 8.8 |
2024-08-21 | CVE-2024-7974 | Unspecified vulnerability in Google Chrome Insufficient data validation in V8 API in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. | 8.8 |
2024-08-21 | CVE-2024-7975 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Permissions in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. | 4.3 |
2024-08-21 | CVE-2024-7976 | Unspecified vulnerability in Google Chrome Inappropriate implementation in FedCM in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. | 4.3 |
2024-08-21 | CVE-2024-7977 | Unspecified vulnerability in Google Chrome Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a malicious file. | 7.8 |
2024-08-21 | CVE-2024-7978 | Unspecified vulnerability in Google Chrome Insufficient policy enforcement in Data Transfer in Google Chrome prior to 128.0.6613.84 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. | 4.3 |
2024-08-21 | CVE-2024-7979 | Insufficient Verification of Data Authenticity vulnerability in Google Chrome Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a crafted symbolic link. | 7.8 |
2024-08-21 | CVE-2024-7980 | Insufficient Verification of Data Authenticity vulnerability in Google Chrome Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a crafted symbolic link. | 7.8 |
2024-08-21 | CVE-2024-7981 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Views in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. | 4.3 |
2024-08-21 | CVE-2024-8033 | Unspecified vulnerability in Google Chrome Inappropriate implementation in WebApp Installs in Google Chrome on Windows prior to 128.0.6613.84 allowed an attacker who convinced a user to install a malicious application to perform UI spoofing via a crafted HTML page. | 4.3 |