Vulnerabilities > Google > Chrome > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-29 | CVE-2022-4923 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Omnibox in Google Chrome prior to 99.0.4844.51 allowed an attacker in a privileged network position to perform a man-in-the-middle attack via malicious network traffic. | 3.1 |
| 2019-12-10 | CVE-2019-13762 | Improper Locking vulnerability in multiple products Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code. | 3.3 |
| 2019-11-25 | CVE-2019-13684 | Information Exposure vulnerability in Google Chrome Inappropriate implementation in JavaScript in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2.6 |
| 2019-06-27 | CVE-2018-6171 | Use After Free vulnerability in Google Chrome Use after free in Bluetooth in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. | 2.9 |
| 2019-06-27 | CVE-2018-20073 | Information Exposure vulnerability in Google Chrome Use of extended attributes in downloads in Google Chrome prior to 72.0.3626.81 allowed a local attacker to read download URLs via the filesystem. | 2.1 |
| 2019-06-27 | CVE-2018-16075 | Unspecified vulnerability in Google Chrome Insufficient file type enforcement in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to obtain local file data via a crafted HTML page. | 2.6 |
| 2019-01-09 | CVE-2018-6147 | Information Exposure vulnerability in Google Chrome Lack of secure text entry mode in Browser UI in Google Chrome on Mac prior to 67.0.3396.62 allowed a local attacker to obtain potentially sensitive information from process memory via a local process. | 2.1 |
| 2019-01-09 | CVE-2018-16079 | Race Condition vulnerability in Google Chrome A race condition between permission prompts and navigations in Prompts in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 2.6 |
| 2018-12-11 | CVE-2018-18358 | Improper Input Validation vulnerability in Google Chrome Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file. | 2.9 |
| 2018-08-28 | CVE-2017-15417 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome Inappropriate implementation in Skia canvas composite operations in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 2.6 |