Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chrome vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-3834
Use after free in Downloads in Google Chrome before 124.0.6367.60 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Google Chrome
NA
CVE-2024-3837
Use after free in QUIC in Google Chrome before 124.0.6367.60 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
NA
CVE-2024-3838
Inappropriate implementation in Autofill in Google Chrome before 124.0.6367.60 allowed an attacker who convinced a user to install a malicious app to perform UI spoofing via a crafted app. (Chromium security severity: Medium)
Google Chrome
NA
CVE-2024-3839
Out of bounds read in Fonts in Google Chrome before 124.0.6367.60 allowed a remote malicious user to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Google Chrome
NA
CVE-2024-3840
Insufficient policy enforcement in Site Isolation in Google Chrome before 124.0.6367.60 allowed a remote malicious user to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)
NA
CVE-2024-3841
Insufficient data validation in Browser Switcher in Google Chrome before 124.0.6367.60 allowed a remote malicious user to inject scripts or HTML into a privileged page via a malicious file. (Chromium security severity: Medium)
NA
CVE-2024-3843
Insufficient data validation in Downloads in Google Chrome before 124.0.6367.60 allowed a remote malicious user to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
NA
CVE-2024-3844
Inappropriate implementation in Extensions in Google Chrome before 124.0.6367.60 allowed a remote malicious user to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)
NA
CVE-2024-3845
Inappropriate implementation in Networks in Google Chrome before 124.0.6367.60 allowed a remote malicious user to bypass mixed content policy via a crafted HTML page. (Chromium security severity: Low)
NA
CVE-2024-3846
Inappropriate implementation in Prompts in Google Chrome before 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »