Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Google Subscribe
Filtered by product Chrome
Total 3690 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-2294 6 Apple, Fedoraproject, Google and 3 more 12 Ipados, Iphone Os, Mac Os X and 9 more 2025-10-24 N/A 8.8 HIGH
Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2023-6345 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2025-10-24 N/A 9.6 CRITICAL
Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)
CVE-2024-0519 3 Couchbase, Fedoraproject, Google 3 Couchbase Server, Fedora, Chrome 2025-10-24 N/A 8.8 HIGH
Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-7024 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-10-24 N/A 8.8 HIGH
Heap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2033 4 Couchbase, Debian, Fedoraproject and 1 more 4 Couchbase Server, Debian Linux, Fedora and 1 more 2025-10-24 N/A 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-2136 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-10-24 N/A 9.6 CRITICAL
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2023-3079 7 Apple, Couchbase, Debian and 4 more 7 Macos, Couchbase Server, Debian Linux and 4 more 2025-10-24 N/A 8.8 HIGH
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-4762 4 Debian, Fedoraproject, Google and 1 more 4 Debian Linux, Fedora, Chrome and 1 more 2025-10-24 N/A 8.8 HIGH
Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2023-4863 9 Bandisoft, Bentley, Debian and 6 more 12 Honeyview, Seequent Leapfrog, Debian Linux and 9 more 2025-10-24 N/A 8.8 HIGH
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
CVE-2023-5217 8 Apple, Debian, Fedoraproject and 5 more 11 Ipados, Iphone Os, Debian Linux and 8 more 2025-10-24 N/A 8.8 HIGH
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-4671 2 Fedoraproject, Google 2 Fedora, Chrome 2025-10-24 N/A 9.6 CRITICAL
Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2024-4761 2 Fedoraproject, Google 2 Fedora, Chrome 2025-10-24 N/A 8.8 HIGH
Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
CVE-2024-4947 2 Fedoraproject, Google 2 Fedora, Chrome 2025-10-24 N/A 9.6 CRITICAL
Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2024-5274 2 Fedoraproject, Google 2 Fedora, Chrome 2025-10-24 N/A 9.6 CRITICAL
Type Confusion in V8 in Google Chrome prior to 125.0.6422.112 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2024-7965 2 Google, Microsoft 2 Chrome, Edge Chromium 2025-10-24 N/A 8.8 HIGH
Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-7971 2 Google, Microsoft 2 Chrome, Edge 2025-10-24 N/A 9.6 CRITICAL
Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-2783 2 Google, Microsoft 2 Chrome, Windows 2025-10-24 N/A 8.3 HIGH
Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)
CVE-2025-5419 2 Google, Microsoft 2 Chrome, Edge Chromium 2025-10-24 N/A 8.8 HIGH
Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2021-37975 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-10-24 6.8 MEDIUM 8.8 HIGH
Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-37976 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-10-24 4.3 MEDIUM 6.5 MEDIUM
Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.