Product:

Chrome

(Google)
Date Id Summary Products Score Patch Annotated
2023-12-06 CVE-2023-6510 Use after free in Media Capture in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via specific UI interaction. (Chromium security severity: Medium) Debian_linux, Fedora, Chrome 8.8
2023-12-06 CVE-2023-6511 Inappropriate implementation in Autofill in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low) Debian_linux, Fedora, Chrome 4.3
2023-12-06 CVE-2023-6512 Inappropriate implementation in Web Browser UI in Google Chrome prior to 120.0.6099.62 allowed a remote attacker to potentially spoof the contents of an iframe dialog context menu via a crafted HTML page. (Chromium security severity: Low) Debian_linux, Fedora, Chrome 6.5
2019-11-25 CVE-2019-13720 Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chrome, Leap 8.8
2020-11-03 CVE-2020-16010 Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chrome 8.8
2021-01-14 CVE-2020-6572 Use after free in Media in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chrome 8.8
2022-04-05 CVE-2022-0609 Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chrome 8.8
2024-02-07 CVE-2024-1283 Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Fedora, Chrome 9.8
2024-02-07 CVE-2024-1284 Use after free in Mojo in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Fedora, Chrome 9.8
2014-05-21 CVE-2014-1745 Use-after-free vulnerability in the SVG implementation in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger removal of an SVGFontFaceElement object, related to core/svg/SVGFontFaceElement.cpp. Chrome N/A