Vulnerabilities > Google > Chrome > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-17 | CVE-2024-3837 | Use After Free vulnerability in Google Chrome Use after free in QUIC in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-04-17 | CVE-2024-3840 | Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 7.5 |
| 2024-04-06 | CVE-2024-3156 | Unspecified vulnerability in Google Chrome Inappropriate implementation in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 8.8 |
| 2024-04-06 | CVE-2024-3158 | Use After Free vulnerability in Google Chrome Use after free in Bookmarks in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-04-06 | CVE-2024-3159 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome Out of bounds memory access in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. | 8.8 |
| 2024-03-26 | CVE-2024-2883 | Use After Free vulnerability in multiple products Use after free in ANGLE in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-03-26 | CVE-2024-2885 | Use After Free vulnerability in multiple products Use after free in Dawn in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-03-26 | CVE-2024-2886 | Use After Free vulnerability in multiple products Use after free in WebCodecs in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. | 7.5 |
| 2024-03-26 | CVE-2024-2887 | Type Confusion vulnerability in multiple products Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to execute arbitrary code via a crafted HTML page. | 7.7 |
| 2024-03-20 | CVE-2024-2625 | Object lifecycle issue in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. | 8.8 |