This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Google First view 2014-01-16
Product Chrome Last view 2025-06-03
Version 32.0.1700.29 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:google:chrome

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
0 2025-06-03 CVE-2025-5419

Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
0 2025-06-03 CVE-2025-5068

Use after free in Blink in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
0 2025-05-27 CVE-2025-5283

Use after free in libvpx in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
0 2025-05-27 CVE-2025-5281

Inappropriate implementation in BFCache in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially obtain user information via a crafted HTML page. (Chromium security severity: Medium)
0 2025-05-27 CVE-2025-5280

Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
0 2025-05-27 CVE-2025-5067

Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
0 2025-05-27 CVE-2025-5066

Inappropriate implementation in Messages in Google Chrome on Android prior to 137.0.7151.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
0 2025-05-27 CVE-2025-5065

Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
0 2025-05-27 CVE-2025-5064

Inappropriate implementation in Background Fetch API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
0 2025-05-27 CVE-2025-5063

Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
4.3 2025-05-14 CVE-2025-4664

Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
0 2025-05-06 CVE-2025-4372

Use after free in WebAudio in Google Chrome prior to 136.0.7103.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
0 2025-05-05 CVE-2025-4096

Heap buffer overflow in HTML in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
0 2025-05-05 CVE-2025-4052

Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Low)
0 2025-05-05 CVE-2025-4051

Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium)
0 2025-05-05 CVE-2025-4050

Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
0 2025-04-16 CVE-2025-3620

Use after free in USB in Google Chrome prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
0 2025-04-16 CVE-2025-3619

Heap buffer overflow in Codecs in Google Chrome on Windows prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
0 2025-04-02 CVE-2025-3074

Inappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
0 2025-04-02 CVE-2025-3073

Inappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
0 2025-04-02 CVE-2025-3072

Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
0 2025-04-02 CVE-2025-3071

Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)
0 2025-04-02 CVE-2025-3070

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)
0 2025-04-02 CVE-2025-3069

Inappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)
0 2025-04-02 CVE-2025-3068

Inappropriate implementation in Intents in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
33% (688) CWE-416 Use After Free
18% (375) CWE-787 Out-of-bounds Write
8% (172) CWE-20 Improper Input Validation
4% (98) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
4% (86) CWE-125 Out-of-bounds Read
3% (62) CWE-200 Information Exposure
2% (60) CWE-190 Integer Overflow or Wraparound
2% (56) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
1% (41) CWE-264 Permissions, Privileges, and Access Controls
1% (36) CWE-362 Race Condition
1% (30) CWE-346 Origin Validation Error
1% (29) CWE-254 Security Features
1% (27) CWE-399 Resource Management Errors
1% (27) CWE-284 Access Control (Authorization) Issues
1% (24) CWE-276 Incorrect Default Permissions
0% (18) CWE-189 Numeric Errors
0% (18) CWE-17 Code
0% (14) CWE-732 Incorrect Permission Assignment for Critical Resource
0% (14) CWE-19 Data Handling
0% (13) CWE-668 Exposure of Resource to Wrong Sphere
0% (13) CWE-290 Authentication Bypass by Spoofing
0% (13) CWE-203 Information Exposure Through Discrepancy
0% (10) CWE-59 Improper Link Resolution Before File Access ('Link Following')
0% (9) CWE-704 Incorrect Type Conversion or Cast
0% (7) CWE-269 Improper Privilege Management

SAINT Exploits

Description Link
Google Chrome SimplifiedLowering bug More info here

ExploitDB Exploits

id Description
33212 Adobe Flash Player Integer Underflow Remote Code Execution

Information Assurance Vulnerability Management (IAVM)

id Description
2015-B-0107 Multiple Security Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0061361
2015-A-0154 Multiple Vulnerabilities in Oracle Fusion Middleware
Severity: Category I - VMSKEY: V0061081
2014-B-0071 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0052483
2014-B-0060 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0050897
2014-B-0056 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0050433
2014-B-0048 Multiple Security Vulnerabilities in Apple iOS
Severity: Category I - VMSKEY: V0050015
2014-B-0049 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0050017
2014-B-0039 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0048683
2014-B-0031 Multiple Security Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0046767
2014-B-0026 Multiple Security Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0046159
2014-B-0023 Multiple Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0045283
2014-B-0020 Multiple Security Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0044539
2014-A-0020 Adobe Flash Player Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0043920
2014-B-0007 Multiple Security Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0043878
2014-B-0003 Multiple Security Vulnerabilities in Google Chrome
Severity: Category I - VMSKEY: V0043401

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2020-12-23 Google Chrome Blink Renderer MediaElementEventListener memory corruption attempt
RuleID : 56438 - Type : BROWSER-CHROME - Revision : 1
2020-12-23 Google Chrome Blink Renderer MediaElementEventListener memory corruption attempt
RuleID : 56437 - Type : BROWSER-CHROME - Revision : 1
2020-12-01 Google Chrome PNG in TTF parsing heap overflow attempt
RuleID : 56133 - Type : BROWSER-CHROME - Revision : 2
2020-12-01 Google Chrome PNG in TTF parsing heap overflow attempt
RuleID : 56132 - Type : BROWSER-CHROME - Revision : 2
2020-12-01 Google Chrome PNG in TTF parsing heap overflow attempt
RuleID : 56131 - Type : BROWSER-CHROME - Revision : 2
2020-12-01 Google Chrome PNG in TTF parsing heap overflow attempt
RuleID : 56130 - Type : BROWSER-CHROME - Revision : 2
2020-10-27 Google Chrome AudioArray memory corruption attempt
RuleID : 55810 - Type : BROWSER-CHROME - Revision : 1
2020-10-27 Google Chrome AudioArray memory corruption attempt
RuleID : 55809 - Type : BROWSER-CHROME - Revision : 1
2020-09-02 Google Chrome blink webaudio module use after free attempt
RuleID : 54625 - Type : BROWSER-CHROME - Revision : 1
2020-09-02 Google Chrome blink webaudio module use after free attempt
RuleID : 54624 - Type : BROWSER-CHROME - Revision : 1
2020-09-02 Google Chrome ReadableStream out of bounds read attempt
RuleID : 54623 - Type : BROWSER-CHROME - Revision : 1
2020-09-02 Google Chrome ReadableStream out of bounds read attempt
RuleID : 54622 - Type : BROWSER-CHROME - Revision : 1
2020-08-11 Google Chrome Blink use-after-free attempt
RuleID : 54498 - Type : BROWSER-CHROME - Revision : 1
2020-08-11 Google Chrome Blink use-after-free attempt
RuleID : 54497 - Type : BROWSER-CHROME - Revision : 1
2020-06-11 Google Chromium for Android AddInterface use after free attempt
RuleID : 53943 - Type : BROWSER-CHROME - Revision : 1
2020-06-11 Google Chromium for Android AddInterface use after free attempt
RuleID : 53942 - Type : BROWSER-CHROME - Revision : 1
2020-06-10 Google Chromium ImageCapture use after free attempt
RuleID : 53845 - Type : BROWSER-CHROME - Revision : 1
2020-06-10 Google Chromium ImageCapture use after free attempt
RuleID : 53844 - Type : BROWSER-CHROME - Revision : 1
2020-06-04 Chromium use after free exploitation attempt
RuleID : 53836 - Type : INDICATOR-COMPROMISE - Revision : 1
2020-06-04 Chromium use after free exploitation attempt
RuleID : 53835 - Type : INDICATOR-COMPROMISE - Revision : 1
2020-05-27 Google Chrome ObjectCreate type confusion attempt
RuleID : 53754 - Type : BROWSER-CHROME - Revision : 1
2020-05-27 Google Chrome ObjectCreate type confusion attempt
RuleID : 53753 - Type : BROWSER-CHROME - Revision : 1
2020-05-27 Google Chrome ObjectCreate type confusion attempt
RuleID : 53752 - Type : BROWSER-CHROME - Revision : 1
2020-05-27 Google Chrome ObjectCreate type confusion attempt
RuleID : 53751 - Type : BROWSER-CHROME - Revision : 1
2020-05-05 Google Chrome desktopMediaPickerController use after free attempt
RuleID : 53534 - Type : BROWSER-CHROME - Revision : 1

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-16 Name: The remote Fedora host is missing a security update.
File: fedora_2019-348547a32d.nasl - Type: ACT_GATHER_INFO
2019-01-08 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2019-1007.nasl - Type: ACT_GATHER_INFO
2019-01-07 Name: The remote Fedora host is missing a security update.
File: fedora_2019-859384e002.nasl - Type: ACT_GATHER_INFO
2019-01-07 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_546d4dd410ea11e9b407080027ef1a23.nasl - Type: ACT_GATHER_INFO
2019-01-07 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_720590df10eb11e9b407080027ef1a23.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-13d8c35127.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-34f7f68029.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-39be36e9fc.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-499f2dbc96.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-7c80aaef26.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-8e866c5066.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-94e1bc8c23.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-aafdbb5554.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-b844991a97.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-f76e6d17f1.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-fd194a1f14.nasl - Type: ACT_GATHER_INFO
2018-12-28 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1446.nasl - Type: ACT_GATHER_INFO
2018-12-27 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2018-3831.nasl - Type: ACT_GATHER_INFO
2018-12-27 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2018-3833.nasl - Type: ACT_GATHER_INFO
2018-12-24 Name: The remote Debian host is missing a security update.
File: debian_DLA-1613.nasl - Type: ACT_GATHER_INFO
2018-12-14 Name: The remote Debian host is missing a security update.
File: debian_DLA-1605.nasl - Type: ACT_GATHER_INFO
2018-12-14 Name: A web browser installed on the remote Windows host is affected by a use after...
File: google_chrome_71_0_3578_98.nasl - Type: ACT_GATHER_INFO
2018-12-14 Name: A web browser installed on the remote macOS host is affected by a use after f...
File: macosx_google_chrome_71_0_3578_98.nasl - Type: ACT_GATHER_INFO
2018-12-13 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4354.nasl - Type: ACT_GATHER_INFO
2018-12-13 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_d10b49b28d0249e8afde0844626317af.nasl - Type: ACT_GATHER_INFO