Chrome CVEs and Security Vulnerabilities

Filtered by vendor Google Subscriptions

Filtered by product Chrome Subscriptions

Search

Switch to Advanced Search (Beta)

Total 3675 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2021-4067	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	8.8 High
Use after free in window manager in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4066	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	8.8 High
Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4065	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	8.8 High
Use after free in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4064	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	8.8 High
Use after free in screen capture in Google Chrome on ChromeOS prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4063	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	8.8 High
Use after free in developer tools in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4062	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	8.8 High
Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4061	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	8.8 High
Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4059	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	6.5 Medium
Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-4058	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	8.8 High
Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4057	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	8.8 High
Use after free in file API in Google Chrome prior to 96.0.4664.93 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4056	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	8.8 High
Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4055	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	8.8 High
Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
CVE-2021-4054	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	6.5 Medium
Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
CVE-2021-4053	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	8.8 High
Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-4052	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	8.8 High
Use after free in web apps in Google Chrome prior to 96.0.4664.93 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension.
CVE-2021-38022	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	6.5 Medium
Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-38021	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	6.5 Medium
Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2021-38020	3 Debian, Fedoraproject, Google	4 Debian Linux, Fedora, Android and 1 more	2024-11-21	4.3 Medium
Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
CVE-2021-38019	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	6.5 Medium
Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
CVE-2021-38018	3 Debian, Fedoraproject, Google	3 Debian Linux, Fedora, Chrome	2024-11-21	6.5 Medium
Inappropriate implementation in navigation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

« first previous Page 128 of 184. next last »