Vulnerabilities > Google > Chrome > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-06 | CVE-2024-7005 | Unspecified vulnerability in Google Chrome Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. | 4.3 |
| 2024-07-16 | CVE-2020-36765 | Unspecified vulnerability in Google Chrome Insufficient policy enforcement in Navigation in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2024-07-16 | CVE-2023-7011 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Picture in Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 6.5 |
| 2024-07-16 | CVE-2023-7013 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Chrome Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. | 4.7 |
| 2024-07-16 | CVE-2024-2884 | Out-of-bounds Read vulnerability in Google Chrome Out of bounds read in V8 in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 6.5 |
| 2024-07-16 | CVE-2024-3175 | Unspecified vulnerability in Google Chrome Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to perform privilege escalation via a crafted Chrome Extension. | 6.3 |
| 2024-07-16 | CVE-2024-5500 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 6.5 |
| 2024-07-16 | CVE-2024-6777 | Use After Free vulnerability in Google Chrome Use after free in Navigation in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. | 6.5 |
| 2024-06-11 | CVE-2024-5839 | Inappropriate Implementation in Memory Allocator in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.5 |
| 2024-06-11 | CVE-2024-5840 | Policy bypass in CORS in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. | 6.5 |