Google Chrome vulnerabilities
3,975 known vulnerabilities affecting google/chrome.
Total CVEs
3,975
CISA KEV
74
actively exploited
Public exploits
63
Exploited in wild
65
Severity breakdown
CRITICAL297HIGH2024MEDIUM1626LOW17UNKNOWN11
Vulnerabilities
Page 74 of 199
CVE-2021-30567HIGHCVSS 8.8fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30567 [HIGH] CWE-416 CVE-2021-30567: Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced
Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to open DevTools to potentially exploit heap corruption via specific user gesture.
nvd
CVE-2021-30576HIGHCVSS 8.8fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30576 [HIGH] CWE-416 CVE-2021-30576: Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced
Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30586HIGHCVSS 8.8fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30586 [HIGH] CWE-416 CVE-2021-30586: Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an
Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30582MEDIUMCVSS 6.5fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30582 [MEDIUM] CVE-2021-30582: Inappropriate implementation in Animation in Google Chrome prior to 92.0.4515.107 allowed a remote a
Inappropriate implementation in Animation in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
nvd
CVE-2021-30583MEDIUMCVSS 6.5fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30583 [MEDIUM] CVE-2021-30583: Insufficient policy enforcement in image handling in iOS in Google Chrome on iOS prior to 92.0.4515.
Insufficient policy enforcement in image handling in iOS in Google Chrome on iOS prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
nvd
CVE-2021-30589MEDIUMCVSS 4.3fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30589 [MEDIUM] CWE-20 CVE-2021-30589: Insufficient validation of untrusted input in Sharing in Google Chrome prior to 92.0.4515.107 allowe
Insufficient validation of untrusted input in Sharing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to bypass navigation restrictions via a crafted click-to-call link.
nvd
CVE-2021-30587MEDIUMCVSS 4.3fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30587 [MEDIUM] CVE-2021-30587: Inappropriate implementation in Compositing in Google Chrome prior to 92.0.4515.107 allowed a remote
Inappropriate implementation in Compositing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
nvd
CVE-2021-30584MEDIUMCVSS 6.5fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30584 [MEDIUM] CVE-2021-30584: Incorrect security UI in Downloads in Google Chrome on Android prior to 92.0.4515.107 allowed a remo
Incorrect security UI in Downloads in Google Chrome on Android prior to 92.0.4515.107 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
nvd
CVE-2021-30580MEDIUMCVSS 6.5fixed in 92.0.4515.107≥ unspecified, < 92.0.4515.1072021-08-03
CVE-2021-30580 [MEDIUM] CVE-2021-30580: Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107 allowed a
Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious application to obtain potentially sensitive information via a crafted HTML page.
nvd
CVE-2021-30555HIGHCVSS 8.8fixed in 91.0.4472.114≥ unspecified, < 91.0.4472.1142021-07-02
CVE-2021-30555 [HIGH] CWE-416 CVE-2021-30555: Use after free in Sharing in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced
Use after free in Sharing in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page and user gesture.
nvd
CVE-2021-30554HIGHCVSS 8.8KEVfixed in 91.0.4472.114≥ unspecified, < 91.0.4472.1142021-07-02
CVE-2021-30554 [HIGH] CWE-416 CVE-2021-30554: Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potenti
Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30556HIGHCVSS 8.8fixed in 91.0.4472.114≥ unspecified, < 91.0.4472.1142021-07-02
CVE-2021-30556 [HIGH] CWE-416 CVE-2021-30556: Use after free in WebAudio in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to pote
Use after free in WebAudio in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30557HIGHCVSS 8.8fixed in 91.0.4472.114≥ unspecified, < 91.0.4472.1142021-07-02
CVE-2021-30557 [HIGH] CWE-416 CVE-2021-30557: Use after free in TabGroups in Google Chrome prior to 91.0.4472.114 allowed an attacker who convince
Use after free in TabGroups in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30552HIGHCVSS 8.8fixed in 91.0.4472.101≥ unspecified, < 91.0.4472.1012021-06-15
CVE-2021-30552 [HIGH] CWE-416 CVE-2021-30552: Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinc
Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30553HIGHCVSS 8.8fixed in 91.0.4472.101≥ unspecified, < 91.0.4472.1012021-06-15
CVE-2021-30553 [HIGH] CWE-416 CVE-2021-30553: Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker
Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30548HIGHCVSS 8.8fixed in 91.0.4472.101≥ unspecified, < 91.0.4472.1012021-06-15
CVE-2021-30548 [HIGH] CWE-416 CVE-2021-30548: Use after free in Loader in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potent
Use after free in Loader in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30550HIGHCVSS 8.8fixed in 91.0.4472.101≥ unspecified, < 91.0.4472.1012021-06-15
CVE-2021-30550 [HIGH] CWE-416 CVE-2021-30550: Use after free in Accessibility in Google Chrome prior to 91.0.4472.101 allowed an attacker who conv
Use after free in Accessibility in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30546HIGHCVSS 8.8fixed in 91.0.4472.101≥ unspecified, < 91.0.4472.1012021-06-15
CVE-2021-30546 [HIGH] CWE-416 CVE-2021-30546: Use after free in Autofill in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to pote
Use after free in Autofill in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30551HIGHCVSS 8.8KEVfixed in 91.0.4472.101≥ unspecified, < 91.0.4472.1012021-06-15
CVE-2021-30551 [HIGH] CWE-843 CVE-2021-30551: Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentiall
Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-30547HIGHCVSS 8.8fixed in 91.0.4472.101≥ unspecified, < 91.0.4472.1012021-06-15
CVE-2021-30547 [HIGH] CWE-787 CVE-2021-30547: Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to po
Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
nvd