Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google chrome os vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3094
Malicious code exists in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific fun...
Tukaani Xz 5.6.1
Tukaani Xz 5.6.0
80 Github repositories
6 Articles
NA
CVE-2023-5217
Heap buffer overflow in vp8 encoding in libvpx in Google Chrome before 117.0.5938.132 and libvpx 1.13.1 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Webmproject Libvpx
Microsoft Edge 116.0.1938.98
Microsoft Edge 117.0.2045.47
Microsoft Edge Chromium 116.0.5845.229
Microsoft Edge Chromium 117.0.5938.132
Mozilla Firefox Focus
Mozilla Firefox Esr
Mozilla Firefox
Mozilla Thunderbird
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Apple Iphone Os
Apple Ipad Os
Apple Ipad Os 16.7
Apple Iphone Os 16.7
2 Github repositories
5 Articles
NA
CVE-2023-41064
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to arbitrary...
Apple Ipados
Apple Iphone Os
Apple Macos
5 Github repositories
4 Articles
NA
CVE-2019-13689
Inappropriate implementation in OS in Google Chrome on ChromeOS before 75.0.3770.80 allowed a remote malicious user to perform arbitrary read/write via a malicious file. (Chromium security severity: Critical)
Google Chrome
NA
CVE-2019-13690
Inappropriate implementation in OS in Google Chrome on ChromeOS before 75.0.3770.80 allowed a remote malicious user to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High)
Google Chrome
NA
CVE-2023-3497
Out of bounds read in Google Security Processor firmware in Google Chrome on Chrome OS before 114.0.5735.90 allowed a local malicious user to perform denial of service via physical access to the device. (Chromium security severity: Medium)
Google Chrome
NA
CVE-2023-2461
Use after free in OS Inputs in Google Chrome on ChromeOS before 113.0.5672.63 allowed a remote attacker who convinced a user to enage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium)
Google Chrome
Debian Debian Linux 11.0
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Fedoraproject Fedora 38
NA
CVE-2023-0128
Use after free in Overview Mode in Google Chrome on Chrome OS before 109.0.5414.74 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Google Chrome
NA
CVE-2023-0137
Heap buffer overflow in Platform Apps in Google Chrome on Chrome OS before 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
NA
CVE-2022-4378
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.
Linux Linux Kernel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »