Vulnerabilities in google
4,767 resultsCVE-2021-30590—Heap buffer overflow in Bookmarks in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption vEPSS 2.8%CVE-2025-14766HIGHOut of bounds read and write in V8 in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruptionEPSS 2.8%CVE-2025-1550HIGHArbitrary Code Execution via Crafted Keras Config for Model LoadingEPSS 2.8%CVE-2020-6517—Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via EPSS 2.8%CVE-2024-7254HIGHStack overflow in Protocol Buffers Java LiteEPSS 2.8%CVE-2020-16017CRITICALUse after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process EPSS 2.7%KEVCVE-2018-6129—Out of bounds array access in WebRTC in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially perform out of bounds mEPSS 2.7%CVE-2020-6523—Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crEPSS 2.7%CVE-2021-21156—Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.182 allowed a remote attacker to potentially exploit heap corruption via a crEPSS 2.7%CVE-2018-17466—Incorrect texture handling in Angle in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to perform an out of bounds memory readEPSS 2.7%CVE-2019-5762—Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitraryEPSS 2.7%CVE-2019-5756—Inappropriate memory management when caching in PDFium in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to execute arbitraryEPSS 2.7%CVE-2020-6520—Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafteEPSS 2.7%CVE-2018-6066—Lack of CORS checking by ResourceFetcher/ResourceLoader in Blink in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to leak cEPSS 2.7%CVE-2020-6449—Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a craftEPSS 2.7%CVE-2020-6402—Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to instEPSS 2.7%CVE-2018-6101—A lack of host validation in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafEPSS 2.7%CVE-2019-5797HIGHDouble free in DOMStorage in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafEPSS 2.7%CVE-2018-18342—Execution of user supplied Javascript during object deserialization can update object length leading to an out of bounds write in V8 in GoogEPSS 2.7%CVE-2018-6140—Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinEPSS 2.6%