Vulnerabilidades en google
5229 resultadosCVE-2025-8882HIGHUse after free in Aura in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestEPSS 0.2%CVE-2026-8569HIGHOut of bounds write in Codecs in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escEPSS 0.2%CVE-2026-14011HIGHOut of bounds read in SurfaceCapture in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform an out of bounds memory reEPSS 0.2%CVE-2018-9470HIGHIn bff_Scanner_addOutPos of Scanner.c, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote eEPSS 0.2%CVE-2026-9926HIGHHeap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process toEPSS 0.2%CVE-2018-9472HIGHIn xmlMemStrdupLoc of xmlmemory.c, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code executEPSS 0.2%CVE-2026-12009HIGHInsufficient validation of untrusted input in Accessibility in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who haEPSS 0.2%CVE-2026-9924HIGHHeap buffer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the rendererEPSS 0.2%CVE-2018-9365CRITICALIn smp_data_received of smp_l2c.cc, there is a possible out of bounds read followed by code execution due to a missing bounds check. This coEPSS 0.2%CVE-2026-12011HIGHUse after free in WebMIDI in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer proEPSS 0.2%CVE-2026-12008HIGHUse after free in DigitalCredentials in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer proEPSS 0.2%CVE-2018-9433CRITICALIn ArrayConcatVisitor of builtins-array.cc, there is a possible type confusion due to improper input validation. This could lead to remote cEPSS 0.2%CVE-2026-13837MEDIUMInappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HEPSS 0.2%CVE-2018-20073—Use of extended attributes in downloads in Google Chrome prior to 72.0.3626.81 allowed a local attacker to read download URLs via the filesyEPSS 0.2%CVE-2026-13902MEDIUMInappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofiEPSS 0.2%CVE-2026-9891CRITICALUse after free in Extensions in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to EPSS 0.2%CVE-2026-14427HIGHHeap buffer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to pEPSS 0.2%CVE-2025-12435MEDIUMIncorrect security UI in Omnibox in Google Chrome on Android prior to 142.0.7444.59 allowed a remote attacker to perform UI spoofing via a cEPSS 0.2%CVE-2026-14113CRITICALUse after free in Updater in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer procEPSS 0.2%CVE-2026-14066MEDIUMInsufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypEPSS 0.2%