U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:google:chrome:33.0.1750.104:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 2,516 matching records.
Displaying matches 221 through 240.
Vuln ID Summary CVSS Severity
CVE-2023-4368

Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:13 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-4367

Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:13 PM -0400 		V4.0:(not available)
 V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2023-4366

Use after free in Extensions in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:13 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-4365

Inappropriate implementation in Fullscreen in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:13 PM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2023-4364

Inappropriate implementation in Permission Prompts in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:13 PM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2023-4363

Inappropriate implementation in WebShare in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to spoof the contents of a dialog URL via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:13 PM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2023-4362

Heap buffer overflow in Mojom IDL in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:13 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-4361

Inappropriate implementation in Autofill in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:12 PM -0400 		V4.0:(not available)
 V3.1: 5.3 MEDIUM
V2.0:(not available)
CVE-2023-4360

Inappropriate implementation in Color in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:12 PM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2023-4359

Inappropriate implementation in App Launcher in Google Chrome on iOS prior to 116.0.5845.96 allowed a remote attacker to potentially spoof elements of the security UI via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:12 PM -0400 		V4.0:(not available)
 V3.1: 5.3 MEDIUM
V2.0:(not available)
CVE-2023-4358

Use after free in DNS in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:12 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-4357

Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:12 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-4356

Use after free in Audio in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has convinced a user to engage in specific UI interaction to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:12 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-4355

Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: August 15, 2023; 2:15:11 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-4354

Heap buffer overflow in Skia in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: August 15, 2023; 2:15:11 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-4353

Heap buffer overflow in ANGLE in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: August 15, 2023; 2:15:11 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-4352

Type confusion in V8 in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: August 15, 2023; 2:15:11 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-4351

Use after free in Network in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who has elicited a browser shutdown to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: August 15, 2023; 2:15:11 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-4350

Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)

Published: August 15, 2023; 2:15:11 PM -0400 		V4.0:(not available)
 V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2023-4349

Use after free in Device Trust Connectors in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: August 15, 2023; 2:15:10 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)