Google Chrome vulnerabilities
3,975 known vulnerabilities affecting google/chrome.
Total CVEs
3,975
CISA KEV
74
actively exploited
Public exploits
63
Exploited in wild
65
Severity breakdown
CRITICAL297HIGH2024MEDIUM1626LOW17UNKNOWN11
Vulnerabilities
Page 73 of 199
CVE-2021-30573HIGHCVSS 8.8fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30573 [HIGH] CWE-416 CVE-2021-30573: Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potential
Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30581HIGHCVSS 8.8fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30581 [HIGH] CWE-416 CVE-2021-30581: Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced
Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30560HIGHCVSS 8.8fixed in 91.0.4472.164≥ unspecified, < 91.0.4472.1642021-08-03
CVE-2021-30560 [HIGH] CWE-416 CVE-2021-30560: Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to po
Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30563HIGHCVSS 8.8KEVfixed in 91.0.4472.164≥ unspecified, < 91.0.4472.1642021-08-03
CVE-2021-30563 [HIGH] CWE-843 CVE-2021-30563: Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentiall
Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30579HIGHCVSS 8.8fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30579 [HIGH] CWE-416 CVE-2021-30579: Use after free in UI framework in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to
Use after free in UI framework in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30572HIGHCVSS 8.8fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30572 [HIGH] CWE-416 CVE-2021-30572: Use after free in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to pote
Use after free in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30569HIGHCVSS 8.8fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30569 [HIGH] CWE-416 CVE-2021-30569: Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potent
Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30561HIGHCVSS 8.8fixed in 91.0.4472.164≥ unspecified, < 91.0.4472.1642021-08-03
CVE-2021-30561 [HIGH] CWE-843 CVE-2021-30561: Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentiall
Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30577HIGHCVSS 7.8fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30577 [HIGH] CWE-732 CVE-2021-30577: Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a remot
Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform local privilege escalation via a crafted file.
nvd
CVE-2021-30566HIGHCVSS 8.8fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30566 [HIGH] CWE-787 CVE-2021-30566: Stack buffer overflow in Printing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker
Stack buffer overflow in Printing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit stack corruption via a crafted HTML page.
nvd
CVE-2021-30559HIGHCVSS 8.8fixed in 91.0.4472.164≥ unspecified, < 91.0.4472.1642021-08-03
CVE-2021-30559 [HIGH] CWE-787 CVE-2021-30559: Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to po
Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30568HIGHCVSS 8.8fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30568 [HIGH] CWE-787 CVE-2021-30568: Heap buffer overflow in WebGL in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to p
Heap buffer overflow in WebGL in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30565HIGHCVSS 8.8fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30565 [HIGH] CWE-787 CVE-2021-30565: Out of bounds write in Tab Groups in Google Chrome on Linux and ChromeOS prior to 92.0.4515.107 allo
Out of bounds write in Tab Groups in Google Chrome on Linux and ChromeOS prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page.
nvd
CVE-2021-30562HIGHCVSS 8.8fixed in 91.0.4472.164≥ unspecified, < 91.0.4472.1642021-08-03
CVE-2021-30562 [HIGH] CWE-416 CVE-2021-30562: Use after free in WebSerial in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to pot
Use after free in WebSerial in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30578HIGHCVSS 8.8fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30578 [HIGH] CWE-908 CVE-2021-30578: Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perf
Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.
nvd
CVE-2021-30564HIGHCVSS 8.8fixed in 91.0.4472.164≥ unspecified, < 91.0.4472.1642021-08-03
CVE-2021-30564 [HIGH] CWE-787 CVE-2021-30564: Heap buffer overflow in WebXR in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to p
Heap buffer overflow in WebXR in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30574HIGHCVSS 8.8fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30574 [HIGH] CWE-416 CVE-2021-30574: Use after free in protocol handling in Google Chrome prior to 92.0.4515.107 allowed a remote attacke
Use after free in protocol handling in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30541HIGHCVSS 8.8fixed in 91.0.4472.164≥ unspecified, < 91.0.4472.1642021-08-03
CVE-2021-30541 [HIGH] CWE-416 CVE-2021-30541: Use after free in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentiall
Use after free in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30588HIGHCVSS 8.8fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30588 [HIGH] CWE-843 CVE-2021-30588: Type confusion in V8 in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentiall
Type confusion in V8 in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30575HIGHCVSS 8.8fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30575 [HIGH] CWE-787 CVE-2021-30575: Out of bounds write in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker wh
Out of bounds write in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
nvd