Vulnerabilities > Google > Chrome > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-11-29 CVE-2023-6345 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file.
network
low complexity
google debian fedoraproject microsoft CWE-190
critical
9.6
2023-08-25 CVE-2019-13690 Improper Privilege Management vulnerability in Google Chrome
Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform OS-level privilege escalation via a malicious file.
network
low complexity
google CWE-269
critical
9.6
2023-07-29 CVE-2022-4924 Use After Free vulnerability in Google Chrome
Use after free in WebRTC in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google CWE-416
critical
9.6
2023-07-29 CVE-2022-4920 Out-of-bounds Write vulnerability in Google Chrome
Heap buffer overflow in Blink in Google Chrome prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google CWE-787
critical
9.6
2023-04-19 CVE-2023-2136 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian fedoraproject CWE-190
critical
9.6
2023-03-21 CVE-2023-1529 Out-of-bounds Write vulnerability in multiple products
Out of bounds memory access in WebHID in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a malicious HID device.
network
low complexity
google fedoraproject CWE-787
critical
9.8
2022-11-25 CVE-2022-4135 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google microsoft CWE-787
critical
9.6
2022-11-09 CVE-2022-3890 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in Crashpad in Google Chrome on Android prior to 107.0.5304.106 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google debian CWE-787
critical
9.6
2022-09-26 CVE-2022-3075 Improper Input Validation vulnerability in multiple products
Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google fedoraproject CWE-20
critical
9.6
2022-08-12 CVE-2022-2587 Out-of-bounds Write vulnerability in Google Chrome
Out of bounds write in Chrome OS Audio Server in Google Chrome on Chrome OS prior to 102.0.5005.125 allowed a remote attacker to potentially exploit heap corruption via crafted audio metadata.
network
low complexity
google CWE-787
critical
9.8