Vulnerabilities > Google > Chrome > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-29 | CVE-2023-6345 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. | 9.6 |
2023-08-25 | CVE-2019-13690 | Improper Privilege Management vulnerability in Google Chrome Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. | 9.6 |
2023-07-29 | CVE-2022-4924 | Use After Free vulnerability in Google Chrome Use after free in WebRTC in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
2023-07-29 | CVE-2022-4920 | Out-of-bounds Write vulnerability in Google Chrome Heap buffer overflow in Blink in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
2023-04-19 | CVE-2023-2136 | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
2023-03-21 | CVE-2023-1529 | Out-of-bounds Write vulnerability in multiple products Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device. | 9.8 |
2022-11-25 | CVE-2022-4135 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
2022-11-09 | CVE-2022-3890 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Crashpad in Google Chrome on Android prior to 107.0.5304.106 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
2022-09-26 | CVE-2022-3075 | Improper Input Validation vulnerability in multiple products Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
2022-08-12 | CVE-2022-2587 | Out-of-bounds Write vulnerability in Google Chrome Out of bounds write in Chrome OS Audio Server in Google Chrome on Chrome OS prior to 102.0.5005.125 allowed a remote attacker to potentially exploit heap corruption via crafted audio metadata. | 9.8 |