Google Chrome Chrome vulnerabilities
1,139 known vulnerabilities affecting google/chrome_chrome.
Total CVEs
1,139
CISA KEV
47
actively exploited
Public exploits
9
Exploited in wild
36
Severity breakdown
CRITICAL58HIGH621MEDIUM339LOW104UNKNOWN17
Vulnerabilities
Page 19 of 57
CVE-2024-8198HIGHCVSS 8.82024-09-23
CVE-2024-8198 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2024-8198
Long Term Support Channel Update for ChromeOS
CVE-2024-8198
chrome
CVE-2024-7967HIGHCVSS 8.82024-09-23
CVE-2024-7967 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2024-7967
Long Term Support Channel Update for ChromeOS
CVE-2024-7967
chrome
CVE-2024-6989HIGHCVSS 8.82024-09-23
CVE-2024-6989 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2024-6989
Long Term Support Channel Update for ChromeOS
CVE-2024-6989
chrome
CVE-2024-8362HIGHCVSS 8.82024-09-23
CVE-2024-8362 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2024-8362
Long Term Support Channel Update for ChromeOS
CVE-2024-8362
chrome
CVE-2024-8193HIGHCVSS 8.82024-09-23
CVE-2024-8193 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2024-8193
Long Term Support Channel Update for ChromeOS
CVE-2024-8193
chrome
CVE-2024-7976MEDIUMCVSS 4.32024-09-23
CVE-2024-7976 [MEDIUM] Long Term Support Channel Update for ChromeOS: CVE-2024-7976
Long Term Support Channel Update for ChromeOS
CVE-2024-7976
chrome
CVE-2024-8907MEDIUMCVSS 6.12024-09-17
CVE-2024-8907 [MEDIUM] Stable Channel Update for Desktop: CVE-2024-8907
Stable Channel Update for Desktop
CVE-2024-8907: Insufficient data validation in Omnibox. Reported by Muhammad Zaid Ghifari on 2024-08-18 [$1000][ 337222641 ] Low CVE-2024-8908: Inappropriate implementation in Autofill
Reported by Levit Nudi from Kenya on 2024-04-26 [$1000][ 341353783 ] Low CVE-2024-8909: Inappropriate implementation in UI
Severity: medium
chrome
CVE-2024-11919LOWCVSS 4.32024-09-17
CVE-2024-11919 [LOW] Stable Channel Update for Desktop: CVE-2024-11919
Stable Channel Update for Desktop
CVE-2024-11919: Inappropriate implementation in Intents. Reported by Mohit Raj (shadow2639) on 2024-07-11 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel
Severity: low
chrome
CVE-2024-8639HIGHCVSS 8.82024-09-10
CVE-2024-8639 [HIGH] Stable Channel Update for Desktop: CVE-2024-8639
Stable Channel Update for Desktop
CVE-2024-8639: Use after free in Autofill. Reported by lime(@limeSec_) from TIANGONG Team of Legendsec at QI-ANXIN Group on 2024-08-28 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel
Severity: high
chrome
CVE-2024-7965HIGHCVSS 8.8KEV2024-09-09
CVE-2024-7965 [HIGH] Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2024-7965
Stable Channel Update for ChromeOS / ChromeOS Flex
CVE-2024-7965: Inappropriate implementation in V8. Reported by TheDog on 2024-07-30 [$10000][ 355465305 ] High CVE-2024-7966: Out of bounds memory access in Skia
Reported by Renan Rios (@HyHy100) on 2024-07-25 [$7000][ 355731798 ] High CVE-2024-7967: Heap buffer overflow in Fonts
Severity: high
chrome
CVE-2024-7968HIGHCVSS 8.82024-09-09
CVE-2024-7968 [HIGH] Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2024-7968
Stable Channel Update for ChromeOS / ChromeOS Flex
CVE-2024-7968: Use after free in Autofill. Reported by Han Zheng (HexHive) on 2024-06-25 [TBD][ 360700873 ] High CVE-2024-7971: Type confusion in V8
Reported by Microsoft Threat Intelligence Center (MSTIC), Microsoft Security Response Center (MSRC) on 2024-08-19 [$11000][ 345960102 ] Medium CVE-2024-7972: Inappropriate implementation in V8
Severity: high
chrome
CVE-2024-7974MEDIUMCVSS 8.82024-09-09
CVE-2024-7974 [MEDIUM] Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2024-7974
Stable Channel Update for ChromeOS / ChromeOS Flex
CVE-2024-7974: Insufficient data validation in V8 API. Reported by bowu(@gocrashed) on 2024-05-07 [$3000][ 347588491 ] Medium CVE-2024-7975: Inappropriate implementation in Permissions
Reported by Thomas Orlita on 2024-06-16 [$2000][ 339654392 ] Medium CVE-2024-7976: Inappropriate implementation in FedCM
Severity: medium
chrome
CVE-2024-7981LOWCVSS 4.32024-09-09
CVE-2024-7981 [LOW] Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2024-7981
Stable Channel Update for ChromeOS / ChromeOS Flex
CVE-2024-7981: Inappropriate implementation in Views. Reported by Thomas Orlita on 2023-07-14 Updated 04/08/2025 ChromeOS Vulnerability Rewards Program Reported Bug Fixes : [$500
Severity: low
chrome
CVE-2024-6779CRITICALCVSS 9.62024-09-06
CVE-2024-6779 [CRITICAL] Long Term Support Channel Update for ChromeOS: CVE-2024-6779
Long Term Support Channel Update for ChromeOS
CVE-2024-6779
chrome
CVE-2024-7964HIGHCVSS 8.82024-08-21
CVE-2024-7964 [HIGH] Stable Channel Update for Desktop: CVE-2024-7964
Stable Channel Update for Desktop
CVE-2024-7964: Use after free in Passwords. Reported by Anonymous on 2024-08-08 [$11000][ 356196918 ] High CVE-2024-7965: Inappropriate implementation in V8
Reported by TheDog on 2024-07-30 [$10000][ 355465305 ] High CVE-2024-7966: Out of bounds memory access in Skia
Severity: high
chrome
CVE-2024-7975MEDIUMCVSS 4.32024-08-21
CVE-2024-7975 [MEDIUM] Stable Channel Update for Desktop: CVE-2024-7975
Stable Channel Update for Desktop
CVE-2024-7975: Inappropriate implementation in Permissions. Reported by Thomas Orlita on 2024-06-16 [$2000][ 339654392 ] Medium CVE-2024-7976: Inappropriate implementation in FedCM
Reported by Alesandro Ortiz on 2024-05-10 [$1000][ 324770940 ] Medium CVE-2024-7977: Insufficient data validation in Installer
Severity: medium
chrome
CVE-2024-7972MEDIUMCVSS 8.82024-08-21
CVE-2024-7972 [MEDIUM] Stable Channel Update for Desktop: CVE-2024-7972
Stable Channel Update for Desktop
CVE-2024-7972: Inappropriate implementation in V8. Reported by Simon Gerst (intrigus-lgtm), Liam Wachter, and Julian Gremminger on 2024-06-10 [$7000][ 345518608 ] Medium CVE-2024-7973: Heap buffer overflow in PDFium
Reported by soiax on 2024-06-06 [$3000][ 339141099 ] Medium CVE-2024-7974: Insufficient data validation in V8 API
Severity: medium
chrome
CVE-2024-7978MEDIUMCVSS 4.32024-08-21
CVE-2024-7978 [MEDIUM] Stable Channel Update for Desktop: CVE-2024-7978
Stable Channel Update for Desktop
CVE-2024-7978: Insufficient policy enforcement in Data Transfer. Reported by NDevTK on 2022-07-21 [TBD][ 356064205 ] Medium CVE-2024-7979: Insufficient data validation in Installer
Reported by VulnNoob on 2024-07-29 [TBD][ 356328460 ] Medium CVE-2024-7980: Insufficient data validation in Installer
Severity: medium
chrome
CVE-2024-8034LOWCVSS 4.32024-08-21
CVE-2024-8034 [LOW] Stable Channel Update for Desktop: CVE-2024-8034
Stable Channel Update for Desktop
CVE-2024-8034: Inappropriate implementation in Custom Tabs. Reported by Bharat (mrnoob) on 2024-07-18 [TBD][ 40059470 ] Low CVE-2024-8035: Inappropriate implementation in Extensions
Reported by Microsoft on 2022-04-26 The previous version of these notes did not include the following security fixes which were included in the release: [$5000][ 40068607 ] Medium CVE-2024-13178: Inappropriate imple
chrome
CVE-2024-7532CRITICALCVSS 8.82024-08-06
CVE-2024-7532 [CRITICAL] Stable Channel Update for Desktop: CVE-2024-7532
Stable Channel Update for Desktop
CVE-2024-7532: Out of bounds memory access in ANGLE. Reported by wgslfuzz on 2024-07-02 [$11000][ 353552540 ] High CVE-2024-7533: Use after free in Sharing
Reported by lime(@limeSec_) from TIANGONG Team of Legendsec at QI-ANXIN Group on 2024-07-17 [$7000][ 355256380 ] High CVE-2024-7550: Type Confusion in V8
Severity: critical
chrome