Vulnerabilities in google

5,202 results
CVE-2026-13815HIGHUse after free in Blink in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a cEPSS 0.4%CVE-2025-1914HIGHOut of bounds read in V8 in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to perform out of bounds memory access via a crafEPSS 0.4%CVE-2026-3537HIGHObject lifecycle issue in PowerVR in Google Chrome on Android prior to 145.0.7632.159 allowed a remote attacker to potentially exploit heap EPSS 0.4%CVE-2024-9957HIGHUse after free in UI in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI EPSS 0.4%CVE-2026-3915HIGHHeap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform an out of bounds memory read via EPSS 0.4%CVE-2024-9961HIGHUse after free in ParcelTracking in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in EPSS 0.4%CVE-2024-8194HIGHType Confusion in V8 in Google Chrome prior to 128.0.6613.113 allowed a remote attacker to potentially exploit heap corruption via a craftedEPSS 0.4%CVE-2024-0015HIGHIn convertToComponentName of DreamService.java, there is a possible way to launch arbitrary protected activities due to intent redirection. EPSS 0.4%CVE-2025-0612HIGHOut of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption EPSS 0.4%CVE-2025-4609CRITICALIncorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attackerEPSS 0.4%CVE-2024-43767HIGHIn prepare_to_draw_into_mask of SkBlurMaskFilterImpl.cpp, there is a possible heap overflow due to improper input validation. This could leaEPSS 0.4%CVE-2025-0716MEDIUMAngularJS improper sanitization in SVG '<image>' elementEPSS 0.4%CVE-2025-0441MEDIUMInappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially sensitEPSS 0.4%CVE-2026-10896HIGHUse after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crEPSS 0.4%CVE-2026-11720CRITICALPath Traversal in googleapis/mcp-toolbox HTTP Tool URL BuilderEPSS 0.4%CVE-2025-22403CRITICALIn sdp_snd_service_search_req of sdp_discovery.cc, there is a possible way to execute arbitrary code due to a use after free. This could leaEPSS 0.4%CVE-2026-10946HIGHHeap buffer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UEPSS 0.4%CVE-2026-10885HIGHUse after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crEPSS 0.4%CVE-2025-22408CRITICALIn rfc_check_send_cmd of rfc_utils.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote EPSS 0.4%CVE-2022-4910Inappropriate implementation in Autofill in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass navigation restrictionsEPSS 0.4%