U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:google:chrome:6.0.414.0:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 3,283 matching records.
Displaying matches 181 through 200.
Vuln ID Summary CVSS Severity
CVE-2023-5484

Inappropriate implementation in Navigation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

Published: October 11, 2023; 7:15:10 PM -0400 		V4.0:(not available)
 V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2023-5483

Inappropriate implementation in Intents in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)

Published: October 11, 2023; 7:15:10 PM -0400 		V4.0:(not available)
 V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2023-5481

Inappropriate implementation in Downloads in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

Published: October 11, 2023; 7:15:10 PM -0400 		V4.0:(not available)
 V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2023-5479

Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)

Published: October 11, 2023; 7:15:10 PM -0400 		V4.0:(not available)
 V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2023-5478

Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

Published: October 11, 2023; 7:15:10 PM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2023-5477

Inappropriate implementation in Installer in Google Chrome prior to 118.0.5993.70 allowed a local attacker to bypass discretionary access control via a crafted command. (Chromium security severity: Low)

Published: October 11, 2023; 7:15:10 PM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2023-5476

Use after free in Blink History in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Published: October 11, 2023; 7:15:10 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-5475

Inappropriate implementation in DevTools in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted Chrome Extension. (Chromium security severity: Medium)

Published: October 11, 2023; 7:15:10 PM -0400 		V4.0:(not available)
 V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2023-5474

Heap buffer overflow in PDF in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)

Published: October 11, 2023; 7:15:10 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-5473

Use after free in Cast in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)

Published: October 11, 2023; 7:15:10 PM -0400 		V4.0:(not available)
 V3.1: 6.3 MEDIUM
V2.0:(not available)
CVE-2023-5218

Use after free in Site Isolation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

Published: October 11, 2023; 7:15:10 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-5346

Type confusion in V8 in Google Chrome prior to 117.0.5938.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: October 05, 2023; 2:15:13 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-5217

Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: September 28, 2023; 12:15:10 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-5187

Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: September 28, 2023; 12:15:10 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-5186

Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: High)

Published: September 28, 2023; 12:15:10 PM -0400 		V4.0:(not available)
 V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-4909

Inappropriate implementation in Interstitials in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)

Published: September 12, 2023; 5:15:09 PM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2023-4908

Inappropriate implementation in Picture in Picture in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)

Published: September 12, 2023; 5:15:09 PM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2023-4907

Inappropriate implementation in Intents in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)

Published: September 12, 2023; 5:15:08 PM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2023-4906

Insufficient policy enforcement in Autofill in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)

Published: September 12, 2023; 5:15:08 PM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)
CVE-2023-4905

Inappropriate implementation in Prompts in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)

Published: September 12, 2023; 5:15:08 PM -0400 		V4.0:(not available)
 V3.1: 4.3 MEDIUM
V2.0:(not available)