cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-12692,https://securityvulnerability.io/vulnerability/CVE-2024-12692,Heap Corruption Vulnerability in V8 Prior to 131.0.6778.204,"A type confusion vulnerability has been identified in V8, the JavaScript engine used by Google Chrome, prior to version 131.0.6778.204. This vulnerability allows a remote attacker to craft a malicious HTML page that could lead to heap corruption. By leveraging this flaw, attackers may execute arbitrary code or disrupt the functioning of the web browser, posing risks to users who visit compromised or malicious web pages.",Google,Chrome,,,0.0004299999854993075,false,false,false,false,,false,false,2024-12-18T22:15:00.000Z,197
CVE-2024-12694,https://securityvulnerability.io/vulnerability/CVE-2024-12694,Heap Corruption Vulnerability in Google Chrome,"A vulnerability exists in Google Chrome that occurs due to a use after free error in the Compositing component. This flaw enables a remote attacker to leverage crafted HTML pages to potentially exploit heap corruption, leading to unexpected behaviors or crashes within the browser. Users of affected versions are encouraged to upgrade to the latest version to mitigate possible risks associated with this vulnerability.",Google,Chrome,,,0.0004299999854993075,false,false,false,false,,false,false,2024-12-18T22:15:00.000Z,0
CVE-2024-12693,https://securityvulnerability.io/vulnerability/CVE-2024-12693,Attackers Can Execute Arbitrary Code in Chrome Sandbox Via Crafted HTML Page,"The vulnerability involves an out of bounds memory access issue within the V8 JavaScript engine of Google Chrome. This security flaw permits a remote attacker to potentially execute arbitrary code within a sandboxed environment by sending a specially crafted HTML page. Such vulnerabilities can lead to serious security breaches, making it crucial for users to update their browsers to the latest versions to mitigate potential risks.",Google,Chrome,8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-12-18T22:15:00.000Z,239
CVE-2024-12695,https://securityvulnerability.io/vulnerability/CVE-2024-12695,Out of Bounds Write Vulnerability in Google Chrome,An out of bounds write vulnerability exists in the V8 engine of Google Chrome. This flaw can be exploited by remote attackers to execute arbitrary code within the context of a sandboxed environment through the use of specially crafted HTML content. Users of affected versions are urged to update their browsers to the latest version to mitigate potential risks associated with this security issue.,Google,Chrome,8.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-12-18T22:15:00.000Z,429
CVE-2024-12382,https://securityvulnerability.io/vulnerability/CVE-2024-12382,Use after free in Translate in Google Chrome prior to 131.0.6778.139 allowed remote attacker to potentially exploit heap corruption via crafted HTML page (Chromium security severity: High),"A vulnerability exists in Google Chrome that allows for use after free conditions in the Translate feature. This flaw may enable an attacker to exploit heap corruption by crafting a specially designed HTML page, potentially compromising the security of systems running affected versions of the browser. Users are encouraged to update to the latest release to mitigate risks associated with this vulnerability.",Google,Chrome,8.8,HIGH,0.0006099999882280827,false,true,false,false,,false,false,2024-12-12T01:40:00.000Z,0
CVE-2024-12381,https://securityvulnerability.io/vulnerability/CVE-2024-12381,Type Confusion Vulnerability in Google Chrome Prior to 131.0.6778.139,"A type confusion vulnerability in the V8 JavaScript engine used by Google Chrome potentially permits remote attackers to trigger heap corruption via specially crafted HTML content. This exploit could lead to unauthorized access or manipulation of memory, emphasizing the importance of addressing this vulnerability promptly. Users are encouraged to update to the latest version of Google Chrome to mitigate the risk associated with this flaw.",Google,Chrome,8.8,HIGH,0.0006099999882280827,false,true,false,false,,false,false,2024-12-12T01:40:00.000Z,0
CVE-2024-12053,https://securityvulnerability.io/vulnerability/CVE-2024-12053," type confusion in Chrome prior to 131.0.6778.108","The vulnerability CVE-2024-12053 is a type confusion in the V8 Javascript engine of Google Chrome prior to version 131.0.6778.108, with a security severity of High. The nature of the vulnerability allows a remote attacker to potentially exploit object corruption via a crafted HTML page. Google has issued an emergency update for the Chrome browser on all platforms to address this vulnerability. Users are warned to update their browsers immediately to ensure protection. The update for Windows, Mac, and Linux is version 131.0.6778.108, and for Android, it is version 131.0.6778.104. It is recommended for users to ensure that the automatic security update is installed by going to the Help|About option in the Chrome menu and restarting the browser.",Google,Chrome,8.8,HIGH,0.0006099999882280827,false,true,false,false,,false,false,2024-12-03T19:15:00.000Z,0
CVE-2024-7025,https://securityvulnerability.io/vulnerability/CVE-2024-7025,Integer Overflow Vulnerability in Google Chrome Affects Web Security,"An integer overflow vulnerability exists in the Layout component of Google Chrome versions prior to 129.0.6668.89, allowing a remote attacker to craft a malicious HTML page that could lead to heap corruption. This weakness can potentially be leveraged to manipulate memory allocation, leading to unpredictable behavior within the web browser. Users are encouraged to update to the latest version of Google Chrome to mitigate any associated risks.",Google,Chrome,8.8,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-11-27T18:15:00.000Z,0
CVE-2024-9369,https://securityvulnerability.io/vulnerability/CVE-2024-9369,Insufficient Data Validation in Google Chrome Affects Mojo Component,"A vulnerability in the Mojo component of Google Chrome has been identified, allowing for insufficient data validation. This flaw enables an attacker, who has managed to compromise the renderer process, to execute an out of bounds memory write through the use of a specially crafted HTML page. The issue underscores the importance of rigorous data validation practices to prevent potential exploitation. Users are encouraged to update to the latest version to mitigate risks associated with this vulnerability.",Google,Chrome,9.6,CRITICAL,0.0006099999882280827,false,false,false,false,,false,false,2024-11-27T18:15:00.000Z,232
CVE-2024-11395,https://securityvulnerability.io/vulnerability/CVE-2024-11395,Type Confusion Vulnerability in Chrome Prior to 131.0.6778.85,Type Confusion in V8 in Google Chrome prior to 131.0.6778.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High),Google,Chrome,,,0.0004299999854993075,false,false,false,false,,false,false,2024-11-19T19:11:34.281Z,0
CVE-2024-11115,https://securityvulnerability.io/vulnerability/CVE-2024-11115,Insufficient Policy Enforcement in Google Chrome on iOS,"A vulnerability has been identified in Google Chrome for iOS, stemming from insufficient policy enforcement during navigation activities. This flaw can be exploited by remote attackers to escalate privileges through a sequence of user interface gestures. The exploit takes advantage of weaknesses in the browser's handling of navigation controls, potentially allowing unauthorized access to sensitive functionality and data. Users are urged to update their browser to the latest version to mitigate risks associated with this vulnerability.",Google,Chrome,8.8,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-11-12T21:15:00.000Z,0
CVE-2024-11110,https://securityvulnerability.io/vulnerability/CVE-2024-11110,Remote Code Execution Vulnerability in Google Chrome Extensions,A vulnerability exists in Google Chrome where an inappropriate implementation in the Extensions component enables remote attackers to bypass site isolation by utilizing a crafted Chrome Extension. This flaw may expose sensitive user data or allow malicious actions to be executed without the user's consent. Users are advised to update to the latest version of Google Chrome to prevent potential exploitation.,Google,Chrome,6.5,MEDIUM,0.0004799999878741801,false,false,false,false,,false,false,2024-11-12T21:15:00.000Z,0
CVE-2024-11114,https://securityvulnerability.io/vulnerability/CVE-2024-11114,Inadequate Protection in Google Chrome's Views Component on Windows,"An inappropriate implementation in the Views module of Google Chrome for Windows has opened a potential avenue for a remote attacker to conduct a sandbox escape. This vulnerability arises when the renderer process is compromised, allowing malicious actors to exploit crafted HTML pages. Users running versions of Google Chrome prior to 131.0.6778.69 are particularly at risk. It is crucial for users to stay informed about these vulnerabilities and apply updates promptly to safeguard their systems.",Google,Chrome,8.3,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-11-12T21:15:00.000Z,0
CVE-2024-11116,https://securityvulnerability.io/vulnerability/CVE-2024-11116,UI Spoofing Vulnerability in Google Chrome,"The vulnerability in Google Chrome relates to an improper implementation in Blink, allowing a remote attacker to manipulate the user interface. By deceiving a user into executing specific UI gestures on a specially crafted HTML page, an attacker could create a deceptive interface that appears legitimate. This exploit emphasizes the importance of user awareness and vigilance while interacting with browser content, as it can lead to unintentional actions or exposure to malicious activities. Users are advised to upgrade to the latest version to mitigate potential risks.",Google,Chrome,4.3,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-11-12T21:15:00.000Z,0
CVE-2024-11113,https://securityvulnerability.io/vulnerability/CVE-2024-11113,Use After Free Vulnerability in Google Chrome Accessibility,"A use after free vulnerability in the Accessibility feature of Google Chrome prior to version 131.0.6778.69 can be exploited by a remote attacker who has compromised the renderer process. By leveraging a specially crafted HTML page, an attacker may be able to trigger heap corruption, posing significant risks to user security and data integrity.",Google,Chrome,8.8,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-11-12T21:15:00.000Z,0
CVE-2024-11117,https://securityvulnerability.io/vulnerability/CVE-2024-11117,,Inappropriate implementation in FileSystem in Google Chrome prior to 131.0.6778.69 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Low),Google,Chrome,4.3,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-11-12T21:15:00.000Z,0
CVE-2024-11111,https://securityvulnerability.io/vulnerability/CVE-2024-11111,,Inappropriate implementation in Autofill in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium),Google,Chrome,4.3,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-11-12T21:15:00.000Z,0
CVE-2024-11112,https://securityvulnerability.io/vulnerability/CVE-2024-11112,Heap Corruption Vulnerability in Google Chrome on Windows,"A vulnerability exists in Google Chrome's media handling that permits a remote attacker to exploit heap corruption issues. This occurs specifically in versions of Chrome for Windows prior to 131.0.6778.69. The vulnerability can be triggered via a specially crafted HTML page, potentially leading to unauthorized actions and compromised system integrity. Users are recommended to keep their browsers updated to the latest versions in order to mitigate any risks associated with such vulnerabilities.",Google,Chrome,8.8,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-11-12T21:15:00.000Z,0
CVE-2024-10826,https://securityvulnerability.io/vulnerability/CVE-2024-10826,Heap Corruption Vulnerability in Google Chrome on Android,A use after free vulnerability exists in the Family Experiences component of Google Chrome for Android prior to version 130.0.6723.116. This vulnerability may enable a remote attacker to exploit heap corruption through a specially crafted HTML page. Attackers can leverage this flaw to compromise system integrity and potentially execute unauthorized actions. It is crucial for users to update their browser to the latest version to protect against this vulnerability.,Google,Chrome,8.8,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-11-06T17:15:00.000Z,0
CVE-2024-10827,https://securityvulnerability.io/vulnerability/CVE-2024-10827,Heap Corruption Vulnerability in Google Chrome Prior to 130.0.6723.116,"A vulnerability in Google Chrome exists due to a use after free error in the Serial component, which could be exploited by a malicious actor. If successfully executed, this could potentially lead to heap corruption when a user interacts with a specially crafted HTML page. This presents a significant risk to user data and privacy, emphasizing the need for timely updates to maintain security integrity.",Google,Chrome,8.8,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-11-06T17:15:00.000Z,0
CVE-2024-10488,https://securityvulnerability.io/vulnerability/CVE-2024-10488,Potential Heap Corruption Vulnerability in Google Chrome Before 130.0.6723.92,"A heap corruption vulnerability exists in the WebRTC component of Google Chrome that affects versions prior to 130.0.6723.92. By crafting a malicious HTML page, an attacker could exploit this vulnerability remotely, potentially leading to unexpected behavior in the affected application. Users are advised to update to the latest version of Google Chrome to mitigate the risks associated with this security flaw.",Google,Chrome,8.8,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-10-29T22:15:00.000Z,0
CVE-2024-10487,https://securityvulnerability.io/vulnerability/CVE-2024-10487,Out of Bounds Write in Chrome Prior to 130.0.6723.92 Allowed Remote Attacker to Access Memory,"The vulnerability involves an out of bounds write issue in Google Chrome, which could allow a remote attacker to exploit this flaw through a crafted HTML page. This can lead to unauthorized memory access, potentially resulting in a range of security issues, including but not limited to remote code execution. Users are encouraged to update their Google Chrome to the latest version to mitigate the risks associated with this vulnerability.",Google,Chrome,8.8,HIGH,0.0006099999882280827,false,true,true,true,,false,false,2024-10-29T22:15:00.000Z,0
CVE-2024-10231,https://securityvulnerability.io/vulnerability/CVE-2024-10231,Chrome Patches Heap Corruption Flaw Before Attackers Can Exploit,"A type confusion vulnerability in the V8 engine of Google Chrome can be exploited by attackers through specially crafted HTML content. This weakness may lead to heap corruption, potentially allowing a remote attacker to execute arbitrary code. Users are advised to update their browsers to the latest version, as security patches addressing this vulnerability are essential for safeguarding against such attacks.",Google,Chrome,8.8,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-10-22T21:43:11.374Z,0
CVE-2024-10230,https://securityvulnerability.io/vulnerability/CVE-2024-10230,Heap Corruption in Chrome Prior to 130.0.6723.69,"A type confusion vulnerability exists within the V8 JavaScript engine in Google Chrome before version 130.0.6723.69. This flaw can allow remote attackers to exploit heap corruption issues through specially crafted HTML pages. A successful exploit could lead to unpredictable behavior, including potential execution of arbitrary code, which poses significant risks to users who visit malicious websites.",Google,Chrome,8.8,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-10-22T21:43:11.083Z,0
CVE-2024-10229,https://securityvulnerability.io/vulnerability/CVE-2024-10229,Remote Attack via Flawed Chrome Extension Implementation,"A vulnerability in Google Chrome has been identified due to an inappropriate implementation in Extensions prior to version 130.0.6723.69. This flaw enables a remote attacker to circumvent site isolation mechanisms by deploying a specially crafted Chrome Extension. The exploit can potentially expose sensitive user data and compromise overall browser security, making it crucial for users to update their browser to the latest version to mitigate this risk.",Google,Chrome,8.1,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2024-10-22T21:43:10.643Z,0