Chrome - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Chrome
(Google)

Repositories	• https://github.com/googlei18n/sfntly • https://github.com/behdad/harfbuzz • https://github.com/uclouvain/openjpeg
#Vulnerabilities	3429

Date	Id	Summary	Products	Score	Patch	Annotated
2024-08-21	CVE-2024-8033	Inappropriate implementation in WebApp Installs in Google Chrome on Windows prior to 128.0.6613.84 allowed an attacker who convinced a user to install a malicious application to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)	Chrome	4.3
2024-08-21	CVE-2024-7971	Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	Chrome	8.8
2024-08-21	CVE-2024-7972	Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)	Chrome	8.8
2024-08-21	CVE-2024-7973	Heap buffer overflow in PDFium in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. (Chromium security severity: Medium)	Chrome	8.8
2024-08-21	CVE-2024-7979	Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a crafted symbolic link. (Chromium security severity: Medium)	Chrome	7.8
2024-08-21	CVE-2024-7980	Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a crafted symbolic link. (Chromium security severity: Medium)	Chrome	7.8
2024-08-21	CVE-2024-7977	Insufficient data validation in Installer in Google Chrome on Windows prior to 128.0.6613.84 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium)	Chrome	7.8
2024-08-21	CVE-2024-7974	Insufficient data validation in V8 API in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)	Chrome	8.8
2024-08-21	CVE-2024-7975	Inappropriate implementation in Permissions in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)	Chrome	4.3
2024-08-21	CVE-2024-7976	Inappropriate implementation in FedCM in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)	Chrome	4.3