Chrome - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Chrome
(Google)

Repositories	• https://github.com/googlei18n/sfntly • https://github.com/behdad/harfbuzz • https://github.com/uclouvain/openjpeg
#Vulnerabilities	3632

Date	Id	Summary	Products	Score	Patch	Annotated
2023-08-15	CVE-2023-4358	Use after free in DNS in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)	Debian_linux, Fedora, Chrome	8.8
2025-06-18	CVE-2025-6191	Integer overflow in V8 in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)	Chrome	N/A
2025-06-18	CVE-2025-6192	Use after free in Metrics in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	Chrome	N/A
2025-06-30	CVE-2025-6554	Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)	Chrome	N/A
2025-05-27	CVE-2025-5063	Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)	Chrome	N/A
2025-06-24	CVE-2025-6555	Use after free in Animation in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)	Chrome	N/A
2025-06-24	CVE-2025-6556	Insufficient policy enforcement in Loader in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)	Chrome	N/A
2025-06-24	CVE-2025-6557	Insufficient data validation in DevTools in Google Chrome on Windows prior to 138.0.7204.49 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)	Chrome	N/A
2023-08-23	CVE-2023-4428	Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)	Debian_linux, Fedora, Chrome	8.1
2010-04-01	CVE-2010-1233	Multiple integer overflows in Google Chrome before 4.1.249.1036 allow remote attackers to have an unspecified impact via vectors involving WebKit JavaScript objects.	Chrome	N/A