Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google v8 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2016-2843
Multiple unspecified vulnerabilities in Google V8 prior to 4.9.385.26, as used in Google Chrome prior to 49.0.2623.75, allow malicious users to cause a denial of service or possibly have other impact via unknown vectors.
Google Chrome
Google V8
10
CVSSv2
CVE-2015-6792
The MIDI subsystem in Google Chrome prior to 47.0.2526.106 does not properly handle the sending of data, which allows remote malicious users to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to midi_manager.cc, midi_manage...
Google Chrome
10
CVSSv2
CVE-2015-8548
Multiple unspecified vulnerabilities in Google V8 prior to 4.7.80.23, as used in Google Chrome prior to 47.0.2526.80, allow malicious users to cause a denial of service or possibly have other impact via unknown vectors, a different issue than CVE-2015-8478.
Google V8
Google Chrome
10
CVSSv2
CVE-2014-3176
Google Chrome prior to 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote malicious users to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3177.
Google Chrome 37.0.2062.49
Google Chrome 37.0.2062.60
Google Chrome 37.0.2062.44
Google Chrome 37.0.2062.31
Google Chrome 37.0.2062.11
Google Chrome 37.0.2062.51
Google Chrome 37.0.2062.76
Google Chrome 37.0.2062.28
Google Chrome 37.0.2062.48
Google Chrome 37.0.2062.78
Google Chrome 37.0.2062.14
Google Chrome 37.0.2062.16
Google Chrome 37.0.2062.35
Google Chrome 37.0.2062.69
Google Chrome 37.0.2062.25
Google Chrome 37.0.2062.4
Google Chrome 37.0.2062.36
Google Chrome 37.0.2062.59
Google Chrome 37.0.2062.81
Google Chrome 37.0.2062.73
Google Chrome 37.0.2062.67
Google Chrome 37.0.2062.77
10
CVSSv2
CVE-2014-3177
Google Chrome prior to 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote malicious users to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3176.
Google Chrome 37.0.2062.49
Google Chrome 37.0.2062.60
Google Chrome 37.0.2062.44
Google Chrome 37.0.2062.31
Google Chrome 37.0.2062.11
Google Chrome 37.0.2062.51
Google Chrome 37.0.2062.76
Google Chrome 37.0.2062.28
Google Chrome 37.0.2062.48
Google Chrome 37.0.2062.78
Google Chrome 37.0.2062.14
Google Chrome 37.0.2062.16
Google Chrome 37.0.2062.35
Google Chrome 37.0.2062.69
Google Chrome 37.0.2062.25
Google Chrome 37.0.2062.4
Google Chrome 37.0.2062.36
Google Chrome 37.0.2062.59
Google Chrome 37.0.2062.81
Google Chrome 37.0.2062.73
Google Chrome 37.0.2062.67
Google Chrome 37.0.2062.77
10
CVSSv2
CVE-2011-3092
The regex implementation in Google V8, as used in Google Chrome prior to 19.0.1084.46, allows remote malicious users to cause a denial of service (invalid write operation) or possibly have unspecified other impact via unknown vectors.
Google Chrome
10
CVSSv2
CVE-2010-0646
Multiple integer signedness errors in factory.cc in Google V8 before r3560, as used in Google Chrome prior to 4.0.249.89, allow remote malicious users to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays.
Google Chrome 1.0.154.59
Google Chrome 3.0.195.32
Google Chrome 1.0.154.48
Google Chrome 2.0.156.1
Google Chrome 3.0.195.21
Google Chrome 3.0.182.2
Google Chrome 2.0.172.33
Google Chrome 0.3.154.0
Google Chrome 2.0.169.0
Google Chrome 2.0.159.0
Google Chrome 2.0.172.37
Google Chrome 0.2.149.29
Google Chrome 3.0.195.24
Google Chrome 2.0.172.28
Google Chrome 2.0.172.38
Google Chrome 2.0.157.0
Google Chrome 3.0.190.2
Google Chrome 2.0.172.31
Google Chrome 2.0.172
Google Chrome 2.0.169.1
Google Chrome 0.4.154.31
Google Chrome 0.4.154.22
10
CVSSv2
CVE-2009-2935
Google V8, as used in Google Chrome prior to 2.0.172.43, allows remote malicious users to bypass intended restrictions on reading memory, and possibly obtain sensitive information or execute arbitrary code in the Chrome sandbox, via crafted JavaScript.
Google Chrome 2.0.157.2
Google Chrome 2.0.156.1
Google Chrome 2.0.172.33
Google Chrome 1.0.154.46
Google Chrome 2.0.172
Google Chrome 0.4.154.33
Google Chrome 0.2.149.27
Google Chrome 1.0.154.59
Google Chrome 0.3.154.3
Google Chrome 2.0.172.31
Google Chrome 0.2.152.1
Google Chrome 2.0.158.0
Google Chrome 1.0.154.42
Google Chrome 0.2.149.29
Google Chrome 1.0.154.48
Google Chrome 2.0.157.0
Google Chrome 0.2.153.1
Google Chrome 0.3.154.0
Google Chrome 0.4.154.22
Google Chrome 1.0.154.39
Google Chrome 1.0.154.52
Google Chrome
9.3
CVSSv2
CVE-2021-0514
In several functions of the V8 library, there is a possible use after free due to a race condition. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Android...
Google Android 8.1
Google Android 9.0
Google Android 10.0
Google Android 11.0
9.3
CVSSv2
CVE-2020-6512
Type Confusion in V8 in Google Chrome before 84.0.4147.89 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »