U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:google:chrome:25.0.1364.92:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 2,673 matching records.
Displaying matches 161 through 180.
Vuln ID Summary CVSS Severity
CVE-2023-6112

Use after free in Navigation in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: November 15, 2023; 1:15:06 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-5997

Use after free in Garbage Collection in Google Chrome prior to 119.0.6045.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: November 15, 2023; 1:15:06 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-5996

Use after free in WebAudio in Google Chrome prior to 119.0.6045.123 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: November 08, 2023; 3:15:07 PM -0500 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-5859

Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. (Chromium security severity: Low)

Published: November 01, 2023; 2:15:10 PM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2023-5858

Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)

Published: November 01, 2023; 2:15:10 PM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2023-5857

Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially execute arbitrary code via a malicious file. (Chromium security severity: Medium)

Published: November 01, 2023; 2:15:10 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-5856

Use after free in Side Panel in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Published: November 01, 2023; 2:15:10 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-5855

Use after free in Reading Mode in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

Published: November 01, 2023; 2:15:10 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-5854

Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

Published: November 01, 2023; 2:15:10 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-5853

Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

Published: November 01, 2023; 2:15:10 PM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2023-5852

Use after free in Printing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

Published: November 01, 2023; 2:15:10 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-5851

Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

Published: November 01, 2023; 2:15:10 PM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2023-5850

Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)

Published: November 01, 2023; 2:15:10 PM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2023-5849

Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: November 01, 2023; 2:15:10 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-5482

Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

Published: November 01, 2023; 2:15:09 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-5480

Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS preventions via a malicious file. (Chromium security severity: High)

Published: November 01, 2023; 2:15:09 PM -0400 		V4.0:(not available)
 V3.1: 6.1 MEDIUM
V2.0:(not available)
CVE-2023-5472

Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: October 25, 2023; 2:17:43 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-5487

Inappropriate implementation in Fullscreen in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)

Published: October 11, 2023; 7:15:11 PM -0400 		V4.0:(not available)
 V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2023-5486

Inappropriate implementation in Input in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)

Published: October 11, 2023; 7:15:11 PM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2023-5485

Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. (Chromium security severity: Low)

Published: October 11, 2023; 7:15:11 PM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)