3376 results (0.004 seconds)

CVSS: -EPSS: 0%CPEs: 1EXPL: 0

Insufficient data validation in PDF in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform out of bounds memory access via a crafted PDF file. (Chromium security severity: Low) • https://issues.chromium.org/issues/40093560 •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

Use after free in Extensions in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) • https://issues.chromium.org/issues/40056265 • CWE-416: Use After Free •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Inappropriate implementation in Navigation in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) • https://issues.chromium.org/issues/40056040 • CWE-451: User Interface (UI) Misrepresentation of Critical Information •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

Out of bounds write in SwiftShader in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) La escritura fuera de los límites en SwiftShader en Google Chrome anterior a 117.0.5938.62 permitía a un atacante remoto realizar una escritura en memoria fuera de los límites a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_12.html https://issues.chromium.org/issues/40061476 • CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Insufficient data validation in Permission Prompts in Google Chrome prior to 117.0.5938.62 allowed an attacker who convinced a user to install a malicious app to potentially perform a sandbox escape via a malicious file. (Chromium security severity: Medium) • https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_12.html https://issues.chromium.org/issues/40061509 • CWE-20: Improper Input Validation CWE-138: Improper Neutralization of Special Elements •