CISA Catalog
Data sourced from the official CISA Known Exploited Vulnerabilities Catalog. Federal agencies are required to remediate these vulnerabilities by the due date per BOD 22-01.
KEV Entries
1,619
Ransomware Use
327
Overdue
1,615
Vendors
266
Products
655
72 results · Page 2/3
Google Chrome Skia Integer Overflow Vulnerability
Google · Chromium Skia
Google Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability affects Google Chrome and ChromeOS, Android, Flutter, and possibly other products.
Required Action
Apply updates per vendor instructions.
Google Chromium V8 Type Confusion Vulnerability
Google · Chromium V8
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
Google Chromium Network Service Use-After-Free Vulnerability
Google · Chromium Network Service
Google Chromium Network Service contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
Google Chromium V8 Type Confusion Vulnerability
Google · Chromium V8
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
Google Chromium GPU Heap Buffer Overflow Vulnerability
Google · Chromium GPU
Google Chromium GPU contains a heap buffer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
Google Chromium V8 Type Confusion Vulnerability
Google · Chromium V8
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
Google Chromium Mojo Insufficient Data Validation Vulnerability
Google · Chromium Mojo
Google Chromium Mojo contains an insufficient data validation vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
Google Chromium Intents Insufficient Input Validation Vulnerability
Google · Chromium Intents
Google Chromium Intents contains an insufficient validation of untrusted input vulnerability that allows a remote attacker to browse to a malicious website via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
Google Chromium PopupBlocker Security Bypass Vulnerability
Google · Chromium PopupBlocker
Google Chromium PopupBlocker contains an insufficient policy enforcement vulnerability that allows a remote attacker to bypass navigation restrictions via a crafted iframe. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
Google Chromium V8 Out-of-Bounds Write Vulnerability
Google · Chromium V8
Google Chromium V8 Engine contains an out-of-bounds write vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
Google Chromium V8 Integer Overflow Vulnerability
Google · Chromium V8
Google Chromium V8 Engine contains an integer overflow vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
Google Chromium V8 Out-of-Bounds Write Vulnerability
Google · Chromium V8
Google Chromium V8 Engine contains out-of-bounds write vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
Google Chromium V8 Remote Code Execution Vulnerability
Google · Chromium V8
Google Chromium V8 Engine contains an unspecified vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
Google Chromium V8 Type Confusion Vulnerability
Google · Chromium V8
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to execute code inside a sandbox via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
Google Chromium V8 Memory Corruption Vulnerability
Google · Chromium V8
Google Chromium V8 Engine contains a memory corruption vulnerability that allows a remote attacker to execute code via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
Google Chromium V8 Out-of-Bounds Memory Vulnerability
Google · Chromium V8
Google Chromium V8 Engine contains an out-of-bounds memory access vulnerability that allows a remote attacker to perform read/write operations, leading to code execution, via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
Google Chromium V8 Out-of-Bounds Read Vulnerability
Google · Chromium V8
Google Chromium V8 Engine contains an out-of-bounds read vulnerability that allows a remote attacker to cause a denial of service or possibly have another unspecified impact via crafted JavaScript code. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
Google Chrome Blink Use-After-Free Vulnerability
Google · Chrome Blink
Google Chrome Blink contains a heap use-after-free vulnerability that allows an attacker to potentially perform out of bounds memory access via a crafted HTML page.
Required Action
Apply updates per vendor instructions.
Google Chrome WebAudio Use-After-Free Vulnerability
Google · Chrome WebAudio
Google Chrome WebAudio contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Required Action
Apply updates per vendor instructions.
Google Chromium V8 Type Confusion Vulnerability
Google · Chromium V8
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
Google Pixel Out-of-Bounds Write Vulnerability
Google · Pixel
Google Pixel contains a possible out-of-bounds write due to a logic error in the code that could lead to local escalation of privilege.
Required Action
Apply updates per vendor instructions.
Google Chromium V8 Type Confusion Vulnerability
Google · Chromium V8
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
Google Chromium Animation Use-After-Free Vulnerability
Google · Chromium Animation
Google Chromium Animation contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
Google Chrome Media Use-After-Free Vulnerability
Google · Chrome Media
Google Chrome Media contains a use-after-free vulnerability that allows a remote attacker to execute code via a crafted HTML page.
Required Action
Apply updates per vendor instructions.
Google Chromium V8 Use-After-Free Vulnerability
Google · Chromium V8
Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge, and Opera.
Required Action
Apply updates per vendor instructions.
