This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Google First view 2018-11-14
Product Chrome Last view 2024-12-12
Version 69.0.3497.32 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:google:chrome

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
8.8 2024-12-12 CVE-2024-12382

Use after free in Translate in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8 2024-12-12 CVE-2024-12381

Type Confusion in V8 in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8 2024-12-03 CVE-2024-12053

Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

9.6 2024-11-27 CVE-2024-9369

Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

8.8 2024-11-27 CVE-2024-7025

Integer overflow in Layout in Google Chrome prior to 129.0.6668.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

4.3 2024-11-12 CVE-2024-11117

Inappropriate implementation in FileSystem in Google Chrome prior to 131.0.6778.69 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Low)

4.3 2024-11-12 CVE-2024-11116

Inappropriate implementation in Blink in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

8.8 2024-11-12 CVE-2024-11115

Insufficient policy enforcement in Navigation in Google Chrome on iOS prior to 131.0.6778.69 allowed a remote attacker to perform privilege escalation via a series of UI gestures. (Chromium security severity: Medium)

8.3 2024-11-12 CVE-2024-11114

Inappropriate implementation in Views in Google Chrome on Windows prior to 131.0.6778.69 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

8.8 2024-11-12 CVE-2024-11113

Use after free in Accessibility in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

8.8 2024-11-12 CVE-2024-11112

Use after free in Media in Google Chrome on Windows prior to 131.0.6778.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

4.3 2024-11-12 CVE-2024-11111

Inappropriate implementation in Autofill in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

6.5 2024-11-12 CVE-2024-11110

Inappropriate implementation in Extensions in Google Chrome prior to 131.0.6778.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High)

8.8 2024-11-06 CVE-2024-10827

Use after free in Serial in Google Chrome prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8 2024-11-06 CVE-2024-10826

Use after free in Family Experiences in Google Chrome on Android prior to 130.0.6723.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8 2024-10-29 CVE-2024-10488

Use after free in WebRTC in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8 2024-10-29 CVE-2024-10487

Out of bounds write in Dawn in Google Chrome prior to 130.0.6723.92 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)

8.8 2024-10-22 CVE-2024-10231

Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.8 2024-10-22 CVE-2024-10230

Type Confusion in V8 in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

8.1 2024-10-22 CVE-2024-10229

Inappropriate implementation in Extensions in Google Chrome prior to 130.0.6723.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High)

5.3 2024-10-15 CVE-2024-9966

Inappropriate implementation in Navigations in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)

8.8 2024-10-15 CVE-2024-9965

Insufficient data validation in DevTools in Google Chrome on Windows prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)

4.3 2024-10-15 CVE-2024-9964

Inappropriate implementation in Payments in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)

4.3 2024-10-15 CVE-2024-9963

Insufficient data validation in Downloads in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

4.3 2024-10-15 CVE-2024-9962

Inappropriate implementation in Permissions in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
44% (603) CWE-416 Use After Free
25% (341) CWE-787 Out-of-bounds Write
5% (68) CWE-20 Improper Input Validation
4% (55) CWE-125 Out-of-bounds Read
2% (35) CWE-190 Integer Overflow or Wraparound
2% (29) CWE-346 Origin Validation Error
1% (24) CWE-362 Race Condition
1% (24) CWE-276 Incorrect Default Permissions
1% (22) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
0% (13) CWE-290 Authentication Bypass by Spoofing
0% (12) CWE-668 Exposure of Resource to Wrong Sphere
0% (12) CWE-203 Information Exposure Through Discrepancy
0% (10) CWE-732 Incorrect Permission Assignment for Critical Resource
0% (10) CWE-59 Improper Link Resolution Before File Access ('Link Following')
0% (9) CWE-200 Information Exposure
0% (9) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
0% (6) CWE-345 Insufficient Verification of Data Authenticity
0% (6) CWE-269 Improper Privilege Management
0% (5) CWE-74 Failure to Sanitize Data into a Different Plane ('Injection')
0% (4) CWE-285 Improper Access Control (Authorization)
0% (4) CWE-281 Improper Preservation of Permissions
0% (4) CWE-209 Information Exposure Through an Error Message
0% (3) CWE-755 Improper Handling of Exceptional Conditions
0% (3) CWE-415 Double Free
0% (3) CWE-312 Cleartext Storage of Sensitive Information

SAINT Exploits

Description Link
Google Chrome SimplifiedLowering bug More info here

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-12-23 Google Chrome Blink Renderer MediaElementEventListener memory corruption attempt
RuleID : 56438 - Type : BROWSER-CHROME - Revision : 1
2020-12-23 Google Chrome Blink Renderer MediaElementEventListener memory corruption attempt
RuleID : 56437 - Type : BROWSER-CHROME - Revision : 1
2020-12-01 Google Chrome PNG in TTF parsing heap overflow attempt
RuleID : 56133 - Type : BROWSER-CHROME - Revision : 2
2020-12-01 Google Chrome PNG in TTF parsing heap overflow attempt
RuleID : 56132 - Type : BROWSER-CHROME - Revision : 2
2020-12-01 Google Chrome PNG in TTF parsing heap overflow attempt
RuleID : 56131 - Type : BROWSER-CHROME - Revision : 2
2020-12-01 Google Chrome PNG in TTF parsing heap overflow attempt
RuleID : 56130 - Type : BROWSER-CHROME - Revision : 2
2020-10-27 Google Chrome AudioArray memory corruption attempt
RuleID : 55810 - Type : BROWSER-CHROME - Revision : 1
2020-10-27 Google Chrome AudioArray memory corruption attempt
RuleID : 55809 - Type : BROWSER-CHROME - Revision : 1
2020-09-02 Google Chrome blink webaudio module use after free attempt
RuleID : 54625 - Type : BROWSER-CHROME - Revision : 1
2020-09-02 Google Chrome blink webaudio module use after free attempt
RuleID : 54624 - Type : BROWSER-CHROME - Revision : 1
2020-09-02 Google Chrome ReadableStream out of bounds read attempt
RuleID : 54623 - Type : BROWSER-CHROME - Revision : 1
2020-09-02 Google Chrome ReadableStream out of bounds read attempt
RuleID : 54622 - Type : BROWSER-CHROME - Revision : 1
2020-08-11 Google Chrome Blink use-after-free attempt
RuleID : 54498 - Type : BROWSER-CHROME - Revision : 1
2020-08-11 Google Chrome Blink use-after-free attempt
RuleID : 54497 - Type : BROWSER-CHROME - Revision : 1
2020-06-11 Google Chromium for Android AddInterface use after free attempt
RuleID : 53943 - Type : BROWSER-CHROME - Revision : 1
2020-06-11 Google Chromium for Android AddInterface use after free attempt
RuleID : 53942 - Type : BROWSER-CHROME - Revision : 1
2020-06-10 Google Chromium ImageCapture use after free attempt
RuleID : 53845 - Type : BROWSER-CHROME - Revision : 1
2020-06-10 Google Chromium ImageCapture use after free attempt
RuleID : 53844 - Type : BROWSER-CHROME - Revision : 1
2020-06-04 Chromium use after free exploitation attempt
RuleID : 53836 - Type : INDICATOR-COMPROMISE - Revision : 1
2020-06-04 Chromium use after free exploitation attempt
RuleID : 53835 - Type : INDICATOR-COMPROMISE - Revision : 1
2020-05-27 Google Chrome ObjectCreate type confusion attempt
RuleID : 53754 - Type : BROWSER-CHROME - Revision : 1
2020-05-27 Google Chrome ObjectCreate type confusion attempt
RuleID : 53753 - Type : BROWSER-CHROME - Revision : 1
2020-05-27 Google Chrome ObjectCreate type confusion attempt
RuleID : 53752 - Type : BROWSER-CHROME - Revision : 1
2020-05-27 Google Chrome ObjectCreate type confusion attempt
RuleID : 53751 - Type : BROWSER-CHROME - Revision : 1
2020-05-05 Google Chrome desktopMediaPickerController use after free attempt
RuleID : 53534 - Type : BROWSER-CHROME - Revision : 1

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-16 Name: The remote Fedora host is missing a security update.
File: fedora_2019-348547a32d.nasl - Type: ACT_GATHER_INFO
2019-01-07 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_720590df10eb11e9b407080027ef1a23.nasl - Type: ACT_GATHER_INFO
2019-01-07 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_546d4dd410ea11e9b407080027ef1a23.nasl - Type: ACT_GATHER_INFO
2019-01-07 Name: The remote Fedora host is missing a security update.
File: fedora_2019-859384e002.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-13d8c35127.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-34f7f68029.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-39be36e9fc.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-8e866c5066.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-fd194a1f14.nasl - Type: ACT_GATHER_INFO
2018-12-27 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2018-3833.nasl - Type: ACT_GATHER_INFO
2018-12-27 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2018-3831.nasl - Type: ACT_GATHER_INFO
2018-12-24 Name: The remote Debian host is missing a security update.
File: debian_DLA-1613.nasl - Type: ACT_GATHER_INFO
2018-12-14 Name: A web browser installed on the remote macOS host is affected by a use after f...
File: macosx_google_chrome_71_0_3578_98.nasl - Type: ACT_GATHER_INFO
2018-12-14 Name: A web browser installed on the remote Windows host is affected by a use after...
File: google_chrome_71_0_3578_98.nasl - Type: ACT_GATHER_INFO
2018-12-14 Name: The remote Debian host is missing a security update.
File: debian_DLA-1605.nasl - Type: ACT_GATHER_INFO
2018-12-13 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_d10b49b28d0249e8afde0844626317af.nasl - Type: ACT_GATHER_INFO
2018-12-13 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4354.nasl - Type: ACT_GATHER_INFO
2018-12-12 Name: A web browser installed on the remote Windows host is affected by multiple vu...
File: mozilla_firefox_60_4_esr.nasl - Type: ACT_GATHER_INFO
2018-12-12 Name: A web browser installed on the remote Windows host is affected by multiple vu...
File: mozilla_firefox_64_0.nasl - Type: ACT_GATHER_INFO
2018-12-12 Name: A web browser installed on the remote macOS host is affected by multiple vuln...
File: macosx_firefox_64_0.nasl - Type: ACT_GATHER_INFO
2018-12-12 Name: A web browser installed on the remote macOS host is affected by multiple vuln...
File: macosx_firefox_60_4_esr.nasl - Type: ACT_GATHER_INFO
2018-12-10 Name: A web browser installed on the remote macOS host is affected by multiple vuln...
File: macosx_google_chrome_71_0_3578_80.nasl - Type: ACT_GATHER_INFO
2018-12-10 Name: A web browser installed on the remote Windows host is affected by multiple vu...
File: google_chrome_71_0_3578_80.nasl - Type: ACT_GATHER_INFO
2018-12-10 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4352.nasl - Type: ACT_GATHER_INFO
2018-11-26 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201811-10.nasl - Type: ACT_GATHER_INFO