Total
3816 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-4369 | 1 Google | 2 Chrome, Chrome Os | 2025-05-05 | N/A | 8.8 HIGH |
|
Insufficient data validation in Systems Extensions in Google Chrome on ChromeOS prior to 116.0.5845.120 allowed an attacker who convinced a user to install a malicious extension to bypass file restrictions via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2023-4355 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-4354 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Heap buffer overflow in Skia in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-4352 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Type confusion in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-3421 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Use after free in Media in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-3420 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Type Confusion in V8 in Google Chrome prior to 114.0.5735.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-3217 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-3216 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Type confusion in V8 in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-3215 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Use after free in WebRTC in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-3214 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Use after free in Autofill payments in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
|
|||||
| CVE-2023-2939 | 2 Google, Microsoft | 2 Chrome, Windows | 2025-05-05 | N/A | 7.8 HIGH |
|
Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. (Chromium security severity: Medium)
|
|||||
| CVE-2023-2936 | 1 Google | 1 Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-2935 | 1 Google | 1 Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Type Confusion in V8 in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-2934 | 1 Google | 1 Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Out of bounds memory access in Mojo in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-2933 | 1 Google | 1 Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
|
|||||
| CVE-2023-2932 | 1 Google | 1 Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
|
|||||
| CVE-2023-2931 | 1 Google | 1 Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Use after free in PDF in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
|
|||||
| CVE-2023-2930 | 1 Google | 1 Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Use after free in Extensions in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-2929 | 1 Google | 1 Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Out of bounds write in Swiftshader in Google Chrome prior to 114.0.5735.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-2726 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Inappropriate implementation in WebApp Installs in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious web app to bypass install dialog via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2023-2725 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Use after free in Guest View in Google Chrome prior to 113.0.5672.126 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-2724 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Type confusion in V8 in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-2723 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Use after free in DevTools in Google Chrome prior to 113.0.5672.126 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-2722 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Android and 1 more | 2025-05-05 | N/A | 8.8 HIGH |
|
Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-2721 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Use after free in Navigation in Google Chrome prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
|
|||||
| CVE-2023-1530 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Use after free in PDF in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-0933 | 1 Google | 1 Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Integer overflow in PDF in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)
|
|||||
| CVE-2023-0705 | 1 Google | 1 Chrome | 2025-05-05 | N/A | 7.5 HIGH |
|
Integer overflow in Core in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who had one a race condition to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)
|
|||||
| CVE-2023-0699 | 1 Google | 1 Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Use after free in GPU in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page and browser shutdown. (Chromium security severity: Medium)
|
|||||
| CVE-2023-0698 | 1 Google | 1 Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Out of bounds read in WebRTC in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2023-0138 | 1 Google | 1 Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Heap buffer overflow in libphonenumber in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)
|
|||||
| CVE-2023-0137 | 1 Google | 2 Chrome, Chrome Os | 2025-05-05 | N/A | 8.8 HIGH |
|
Heap buffer overflow in Platform Apps in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2023-0136 | 1 Google | 2 Android, Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to execute incorrect security UI via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2023-0135 | 1 Google | 1 Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via database corruption and a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2023-0134 | 1 Google | 1 Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via database corruption and a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2023-0129 | 1 Google | 1 Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Heap buffer overflow in Network Service in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page and specific interactions. (Chromium security severity: High)
|
|||||
| CVE-2023-0128 | 1 Google | 2 Chrome, Chrome Os | 2025-05-05 | N/A | 8.8 HIGH |
|
Use after free in Overview Mode in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2022-3373 | 1 Google | 1 Chrome | 2025-05-05 | N/A | 8.8 HIGH |
|
Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2019-13690 | 1 Google | 2 Chrome, Chrome Os | 2025-05-02 | N/A | 9.6 CRITICAL |
|
Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High)
|
|||||
| CVE-2019-13689 | 1 Google | 2 Chrome, Chrome Os | 2025-05-02 | N/A | 7.8 HIGH |
|
Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform arbitrary read/write via a malicious file. (Chromium security severity: Critical)
|
|||||