Vulnerabilities in google

5,202 results
CVE-2022-1875Inappropriate implementation in PDF in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafteEPSS 0.6%CVE-2022-2610Insufficient policy enforcement in Background Fetch in Google Chrome prior to 104.0.5112.79 allowed a remote attacker to leak cross-origin dEPSS 0.6%CVE-2022-1500Insufficient data validation in Dev Tools in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to bypass content security policEPSS 0.6%CVE-2022-4194Use after free in Accessibility in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to potentially exploit heap corruption viaEPSS 0.6%CVE-2026-2649HIGHInteger overflow in V8 in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to potentially exploit heap corruption via a craftEPSS 0.6%CVE-2024-5159HIGHHeap buffer overflow in ANGLE in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory read via EPSS 0.6%CVE-2019-13672Incorrect security UI in Omnibox in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially spoof the contents of the OEPSS 0.6%CVE-2022-3051HIGHHeap buffer overflow in Exosphere in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a useEPSS 0.6%CVE-2019-5861Insufficient data validation in Blink in Google Chrome prior to 76.0.3809.87 allowed a remote attacker to bypass anti-clickjacking policy viEPSS 0.6%CVE-2023-0931HIGHUse after free in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafEPSS 0.6%CVE-2023-6706HIGHUse after free in FedCM in Google Chrome prior to 120.0.6099.109 allowed a remote attacker who convinced a user to engage in specific UI intEPSS 0.6%CVE-2023-6703HIGHUse after free in Blink in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafEPSS 0.6%CVE-2023-20965CRITICALIn processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. TEPSS 0.6%CVE-2017-15402Using an ID that can be controlled by a compromised renderer which allows any frame to overwrite the page_state of any other frame in the saEPSS 0.6%CVE-2022-3058HIGHUse after free in Sign-In Flow in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific EPSS 0.6%CVE-2023-40082In modify_for_next_stage of fdt.rs, there is a possible way to render KASLR ineffective due to improperly used crypto. This could lead to reEPSS 0.6%CVE-2024-5498MEDIUMUse after free in Presentation API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruptionEPSS 0.6%CVE-2024-10827HIGHUse after free in Serial in Google Chrome prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a craEPSS 0.6%CVE-2022-1142Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific uEPSS 0.6%CVE-2024-6103HIGHUse after free in Dawn in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to potentially exploit heap corruption via a craftEPSS 0.6%