CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-20072
https://notcve.org/view.php?id=CVE-2018-20072
23 Sep 2024 — Insufficient data validation in PDF in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform out of bounds memory access via a crafted PDF file. (Chromium security severity: Low) • https://issues.chromium.org/issues/40093560 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-38023
https://notcve.org/view.php?id=CVE-2021-38023
23 Sep 2024 — Use after free in Extensions in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) • https://issues.chromium.org/issues/40056265 • CWE-416: Use After Free •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-7282
https://notcve.org/view.php?id=CVE-2023-7282
23 Sep 2024 — Inappropriate implementation in Navigation in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) • https://issues.chromium.org/issues/40056040 • CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-7281
https://notcve.org/view.php?id=CVE-2023-7281
23 Sep 2024 — Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) • https://issues.chromium.org/issues/40055233 • CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7022
https://notcve.org/view.php?id=CVE-2024-7022
23 Sep 2024 — Uninitialized Use in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) • https://issues.chromium.org/issues/324690505 • CWE-457: Use of Uninitialized Variable •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7020
https://notcve.org/view.php?id=CVE-2024-7020
23 Sep 2024 — Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) • https://issues.chromium.org/issues/40076065 • CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7019
https://notcve.org/view.php?id=CVE-2024-7019
23 Sep 2024 — Inappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) • https://issues.chromium.org/issues/41494315 • CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-7018
https://notcve.org/view.php?id=CVE-2024-7018
23 Sep 2024 — Heap buffer overflow in PDF in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) • https://issues.chromium.org/issues/333414305 • CWE-122: Heap-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-3176
https://notcve.org/view.php?id=CVE-2024-3176
16 Jul 2024 — Out of bounds write in SwiftShader in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) La escritura fuera de los límites en SwiftShader en Google Chrome anterior a 117.0.5938.62 permitía a un atacante remoto realizar una escritura en memoria fuera de los límites a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) • https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_12.html • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-7012
https://notcve.org/view.php?id=CVE-2023-7012
16 Jul 2024 — Insufficient data validation in Permission Prompts in Google Chrome prior to 117.0.5938.62 allowed an attacker who convinced a user to install a malicious app to potentially perform a sandbox escape via a malicious file. (Chromium security severity: Medium) • https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_12.html • CWE-20: Improper Input Validation CWE-138: Improper Neutralization of Special Elements •