Threat Encyclopedia
A type confusion vulnerability has been reported in the V8 JavaScript engine of Google Chrome. The vulnerability is due to incorrect side effect modelling of JSStackCheck. A remote attacker could exploit this vulnerability by enticing a user into opening a crafted HTML page. Successful exploitation could result in execution of arbitrary code in the context of the Google Chrome sandbox.
A type confusion vulnerability has been reported in the V8 JavaScript engine of Google Chrome. The vulnerability is due to incorrect side effect modelling of JSStackCheck. A remote attacker could exploit this vulnerability by enticing a user into opening a crafted HTML page. Successful exploitation could result in execution of arbitrary code in the context of the Google Chrome sandbox.
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2019-13720 is a use-after-free (UAF) vulnerability in audio for Google Chrome.
This vulnerability is due to when Google Chrome V8 JIT engine handle for singed/unsigned integer conversion cause type confusion. An attacker can exploit this vulnerability by tricking users to visit the malicious webpage then execute arbitrary code.
This vulnerability is due to when Google Chrome V8 JIT engine insufficient validation of untrusted input cause incorrect instruction selection on ChangeInt32ToInt64 node. An attacker can exploit this vulnerability by tricking users to visit the malicious webpage then execute arbitrary code.
Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.117 allowing a remote attacker to potentially exploit object corruption via a crafted HTML page.
Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
A heap buffer overflow vulnerability has been reported in the WebGL component of Google Chrome. This vulnerability is due to a missing bounds check after calculating a user-controlled offset into a heap buffer.
V8 in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android was missing a neutering check, which allowed a remote attacker to read values in memory via a crafted HTML page.
Heap buffer overflow in WebRTC in Google Chrome prior to 103.0.5060.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Infostealer which collect user's input, screenshot, browser's cookie and browse history. This infostealer was use Chrome browser extension as stage payload, it also use websocket to transfer bot commands.
Use after free in Layout in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Use after free in Mojo in Google Chrome prior to 108.0.5359.71 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
A use-after-free issue exists in Chrome 105 and earlier versions. Processing maliciously crafted web content may lead to arbitrary code execution in a privileged process.
Use after free in Passwords in Google Chrome prior to 105.0.5195.125 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.
This website uses cookies to ensure you get the best experience on our website.
Learn more