Google Chrome Chrome vulnerabilities

1,139 known vulnerabilities affecting google/chrome_chrome.

Total CVEs

1,139

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL58HIGH621MEDIUM339LOW104UNKNOWN17

Vulnerabilities

Page 28 of 57

CVE-2023-3390HIGHCVSS 7.82023-09-21

CVE-2023-3390 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-3390 Long Term Support Channel Update for ChromeOS CVE-2023-3390

chrome

CVE-2023-4353HIGHCVSS 8.82023-09-21

CVE-2023-4353 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-4353 Long Term Support Channel Update for ChromeOS CVE-2023-4353

chrome

CVE-2023-4354HIGHCVSS 8.82023-09-21

CVE-2023-4354 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-4354 Long Term Support Channel Update for ChromeOS CVE-2023-4354

chrome

CVE-2023-4357HIGHCVSS 8.82023-09-21

CVE-2023-4357 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-4357 Long Term Support Channel Update for ChromeOS CVE-2023-4357

chrome

CVE-2023-4427HIGHCVSS 8.12023-09-21

CVE-2023-4427 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-4427 Long Term Support Channel Update for ChromeOS CVE-2023-4427

chrome

CVE-2023-3733MEDIUMCVSS 4.32023-09-21

CVE-2023-3733 [MEDIUM] Long Term Support Channel Update for ChromeOS: CVE-2023-3733 Long Term Support Channel Update for ChromeOS CVE-2023-3733

chrome

CVE-2023-3734MEDIUMCVSS 4.32023-09-21

CVE-2023-3734 [MEDIUM] Long Term Support Channel Update for ChromeOS: CVE-2023-3734 Long Term Support Channel Update for ChromeOS CVE-2023-3734

chrome

CVE-2023-4903MEDIUMCVSS 4.32023-09-12

CVE-2023-4903 [MEDIUM] Stable Channel Update for Desktop: CVE-2023-4903 Stable Channel Update for Desktop CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs. Reported by Ahmed ElMasry on 2023-05-18 [$1000][ 1453501 ] Medium CVE-2023-4904: Insufficient policy enforcement in Downloads Reported by Tudor Enache @tudorhacks on 2023-06-09 [$500][ 1441228 ] Medium CVE-2023-4905: Inappropriate implementation in Prompts Severity: medium

chrome

CVE-2023-4900MEDIUMCVSS 4.32023-09-12

CVE-2023-4900 [MEDIUM] Stable Channel Update for Desktop: CVE-2023-4900 Stable Channel Update for Desktop CVE-2023-4900: Inappropriate implementation in Custom Tabs. Reported by Levit Nudi from Kenya on 2023-04-06 [$3000][ 1459281 ] Medium CVE-2023-4901: Inappropriate implementation in Prompts Reported by Kang Ali on 2023-06-29 [$2000][ 1454515 ] Medium CVE-2023-4902: Inappropriate implementation in Input Severity: medium

chrome

CVE-2023-7012MEDIUMCVSS 4.32023-09-12

CVE-2023-7012 [MEDIUM] Stable Channel Update for Desktop: CVE-2023-7012 Stable Channel Update for Desktop CVE-2023-7012: Insufficient data validation in Permission Prompts. Reported by koocola (@alo_cook) and Nan Wang (@eternalsakura13) of 360 Alpha Lab on 2022-10-28 [$6000][ 1449874 ] Low CVE-2023-4906: Insufficient policy enforcement in Autofill Reported by Ahmed ElMasry on 2023-05-30 [$2000][ 1462104 ] Low CVE-2023-4907: Inappropriate implementation in Intents Severity: medium

chrome

CVE-2023-4908LOWCVSS 4.32023-09-12

CVE-2023-4908 [LOW] Stable Channel Update for Desktop: CVE-2023-4908 Stable Channel Update for Desktop CVE-2023-4908: Inappropriate implementation in Picture in Picture. Reported by Axel Chong on 2023-06-06 [$TBD][ 1463293 ] Low CVE-2023-4909: Inappropriate implementation in Interstitials Reported by Axel Chong on 2023-07-09 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel Severity

chrome

CVE-2023-4362HIGHCVSS 8.82023-09-11

CVE-2023-4362 [HIGH] Long Term Support Channel Update for ChromeOS: CVE-2023-4362 Long Term Support Channel Update for ChromeOS CVE-2023-4362

chrome

CVE-2023-4764HIGHCVSS 6.52023-09-05

CVE-2023-4764 [HIGH] Stable Channel Update for Desktop: CVE-2023-4764 Stable Channel Update for Desktop CVE-2023-4764: Incorrect security UI in BFCache. Reported by Irvan Kurniawan (sourc7) on 2023-05-20 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel Severity: high

chrome

CVE-2023-4352HIGHCVSS 8.82023-08-25

CVE-2023-4352 [HIGH] Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2023-4352 Stable Channel Update for ChromeOS / ChromeOS Flex CVE-2023-4352: Type Confusion in V8. Reported by Sergei Glazunov of Google Project Zero on 2023-06-07 [$NA][ 1458046 ] High CVE-2023-4353: Heap buffer overflow in ANGLE Reported by Christoph Diehl / Microsoft Vulnerability Research on 2023-06-27 [$NA][ 1464215 ] High CVE-2023-4354: Heap buffer overflow in Skia Severity: high

chrome

CVE-2023-2312HIGHCVSS 8.82023-08-25

CVE-2023-2312 [HIGH] Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2023-2312 Stable Channel Update for ChromeOS / ChromeOS Flex CVE-2023-2312: Use after free in Offline. Reported by avaue at S Severity: high

chrome

CVE-2023-4349HIGHCVSS 8.82023-08-25

CVE-2023-4349 [HIGH] Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2023-4349 Stable Channel Update for ChromeOS / ChromeOS Flex CVE-2023-4349: Use after free in Device Trust Connectors. Reported by Weipeng Jiang (@Krace) of VRI on 2023-06-27 [$3000][ 1454817 ] High CVE-2023-4350: Inappropriate implementation in Fullscreen Reported by Khiem Tran (@duckhiem) on 2023-06-14 [$2000][ 1465833 ] High CVE-2023-4351: Use after free in Network Severity: high

chrome

CVE-2023-4355HIGHCVSS 8.82023-08-25

CVE-2023-4355 [HIGH] Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2023-4355 Stable Channel Update for ChromeOS / ChromeOS Flex CVE-2023-4355: Out of bounds memory access in V8. Reported by Sergei Glazunov of Google Project Zero on 2023-07-31 [$5000][ 1449929 ] Medium CVE-2023-4356: Use after free in Audio Reported by Zhenghang Xiao (@Kipreyyy) on 2023-05-30 [$3000][ 1458911 ] Medium CVE-2023-4357: Insufficient validation of untrusted input in XML Severity: high

chrome

CVE-2023-4367MEDIUMCVSS 3.62023-08-25

CVE-2023-4367 [MEDIUM] Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2023-4367 Stable Channel Update for ChromeOS / ChromeOS Flex CVE-2023-4367: Insufficient policy enforcement in Extensions API. Reported by Axel Chong on 2023-07-26 [$500][ 1467751 ] Medium CVE-2023-4368: Insufficient policy enforcement in Extensions API Reported by Axel Chong on 2023-07-26 Android Runtime Container Security Fixes: [NA] [NA] High Fixes CVE-2023-21264 on impacted platforms [NA] [NA] High Fixes CVE-2020-

chrome

CVE-2023-4364MEDIUMCVSS 4.32023-08-25

CVE-2023-4364 [MEDIUM] Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2023-4364 Stable Channel Update for ChromeOS / ChromeOS Flex CVE-2023-4364: Inappropriate implementation in Permission Prompts. Reported by Jasper Rebane on 2023-01-13 [$1000][ 1431043 ] Medium CVE-2023-4365: Inappropriate implementation in Fullscreen Reported by Hafiizh on 2023-04-06 [$1000][ 1450784 ] Medium CVE-2023-4366: Use after free in Extensions Severity: medium

chrome

CVE-2023-4361MEDIUMCVSS 5.32023-08-25

CVE-2023-4361 [MEDIUM] Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2023-4361 Stable Channel Update for ChromeOS / ChromeOS Flex CVE-2023-4361: Inappropriate implementation in Autofill. Reported by Thomas Orlita on 2023-07-17 [$1000][ 1316379 ] Medium CVE-2023-4362: Heap buffer overflow in Mojom IDL Reported by Zhao Hai of NanJing Cyberpeace TianYu Lab on 2022-04-14 [$1000][ 1367085 ] Medium CVE-2023-4363: Inappropriate implementation in WebShare Severity: medium

chrome

← Previous28 / 57Next →