U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:google:chrome:21.0.1180.71:*:*:*:*:*:*:*
There are 2,667 matching records.
Displaying matches 101 through 120.
Vuln ID Summary CVSS Severity
CVE-2023-4572

Use after free in MediaStream in Google Chrome prior to 116.0.5845.140 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: August 29, 2023; 4:15:10 PM -0400 		V3.1: 8.8 HIGH
 V2.0:(not available)
CVE-2019-13690

Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High)

Published: August 25, 2023; 3:15:08 PM -0400 		V3.1: 9.6 CRITICAL
 V2.0:(not available)
CVE-2019-13689

Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform arbitrary read/write via a malicious file. (Chromium security severity: Critical)

Published: August 25, 2023; 3:15:07 PM -0400 		V3.1: 7.8 HIGH
 V2.0:(not available)
CVE-2022-4452

Insufficient data validation in crosvm in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

Published: August 25, 2023; 11:15:08 AM -0400 		V3.1: 8.8 HIGH
 V2.0:(not available)
CVE-2023-4431

Out of bounds memory access in Fonts in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

Published: August 22, 2023; 8:15:09 PM -0400 		V3.1: 8.1 HIGH
 V2.0:(not available)
CVE-2023-4430

Use after free in Vulkan in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: August 22, 2023; 8:15:09 PM -0400 		V3.1: 8.8 HIGH
 V2.0:(not available)
CVE-2023-4429

Use after free in Loader in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Published: August 22, 2023; 8:15:09 PM -0400 		V3.1: 8.8 HIGH
 V2.0:(not available)
CVE-2023-4428

Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

Published: August 22, 2023; 8:15:09 PM -0400 		V3.1: 8.1 HIGH
 V2.0:(not available)
CVE-2023-4427

Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

Published: August 22, 2023; 8:15:09 PM -0400 		V3.1: 8.1 HIGH
 V2.0:(not available)
CVE-2023-4369

Insufficient data validation in Systems Extensions in Google Chrome on ChromeOS prior to 116.0.5845.120 allowed an attacker who convinced a user to install a malicious extension to bypass file restrictions via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:13 PM -0400 		V3.1: 8.8 HIGH
 V2.0:(not available)
CVE-2023-4368

Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:13 PM -0400 		V3.1: 8.8 HIGH
 V2.0:(not available)
CVE-2023-4367

Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:13 PM -0400 		V3.1: 6.5 MEDIUM
 V2.0:(not available)
CVE-2023-4366

Use after free in Extensions in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:13 PM -0400 		V3.1: 8.8 HIGH
 V2.0:(not available)
CVE-2023-4365

Inappropriate implementation in Fullscreen in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:13 PM -0400 		V3.1: 4.3 MEDIUM
 V2.0:(not available)
CVE-2023-4364

Inappropriate implementation in Permission Prompts in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:13 PM -0400 		V3.1: 4.3 MEDIUM
 V2.0:(not available)
CVE-2023-4363

Inappropriate implementation in WebShare in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to spoof the contents of a dialog URL via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:13 PM -0400 		V3.1: 4.3 MEDIUM
 V2.0:(not available)
CVE-2023-4362

Heap buffer overflow in Mojom IDL in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process and gained control of a WebUI process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:13 PM -0400 		V3.1: 8.8 HIGH
 V2.0:(not available)
CVE-2023-4361

Inappropriate implementation in Autofill in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:12 PM -0400 		V3.1: 5.3 MEDIUM
 V2.0:(not available)
CVE-2023-4360

Inappropriate implementation in Color in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:12 PM -0400 		V3.1: 4.3 MEDIUM
 V2.0:(not available)
CVE-2023-4359

Inappropriate implementation in App Launcher in Google Chrome on iOS prior to 116.0.5845.96 allowed a remote attacker to potentially spoof elements of the security UI via a crafted HTML page. (Chromium security severity: Medium)

Published: August 15, 2023; 2:15:12 PM -0400 		V3.1: 5.3 MEDIUM
 V2.0:(not available)