Vulnerabilities > Google > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-06 | CVE-2024-7001 | Unspecified vulnerability in Google Chrome Inappropriate implementation in HTML in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-08-06 | CVE-2024-7003 | Unspecified vulnerability in Google Chrome Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-08-06 | CVE-2024-7004 | Unspecified vulnerability in Google Chrome Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. | 4.3 |
| 2024-08-06 | CVE-2024-7005 | Unspecified vulnerability in Google Chrome Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a malicious file. | 4.3 |
| 2024-07-16 | CVE-2020-36765 | Unspecified vulnerability in Google Chrome Insufficient policy enforcement in Navigation in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2024-07-16 | CVE-2023-7013 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Chrome Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially spoof security UI via a crafted HTML page. | 4.7 |
| 2024-07-16 | CVE-2024-2884 | Out-of-bounds Read vulnerability in Google Chrome Out of bounds read in V8 in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 6.5 |
| 2024-07-16 | CVE-2024-3175 | Unspecified vulnerability in Google Chrome Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to perform privilege escalation via a crafted Chrome Extension. | 6.3 |
| 2024-07-16 | CVE-2024-5500 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 6.5 |
| 2024-07-01 | CVE-2024-39427 | Out-of-bounds Write vulnerability in Google Android 12.0/13.0/14.0 In trusty service, there is a possible out of bounds write due to a missing bounds check. | 4.4 |