Google » V8 : Security Vulnerabilities, CVEs, CVSS score >= 8

CVE-2016-5129

Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left-trimmed objects, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via crafted JavaScript code.
Max CVSS
8.8
EPSS Score
2.53%
Published
2016-07-23
Updated
2017-09-01

CVE-2016-5128

objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome before 52.0.2743.82, does not prevent API interceptors from modifying a store target without setting a property, which allows remote attackers to bypass the Same Origin Policy via a crafted web site.
Max CVSS
8.8
EPSS Score
1.11%
Published
2016-07-23
Updated
2017-09-01

CVE-2016-3679

Multiple unspecified vulnerabilities in Google V8 before 4.9.385.33, as used in Google Chrome before 49.0.2623.108, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Max CVSS
9.3
EPSS Score
0.52%
Published
2016-03-29
Updated
2018-10-30

CVE-2016-2843

Multiple unspecified vulnerabilities in Google V8 before 4.9.385.26, as used in Google Chrome before 49.0.2623.75, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Max CVSS
10.0
EPSS Score
0.17%
Published
2016-03-06
Updated
2016-12-03

CVE-2016-1678

objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.
Max CVSS
8.8
EPSS Score
1.90%
Published
2016-06-05
Updated
2018-10-30

CVE-2016-1669

The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine when to expand certain memory allocations, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted JavaScript code.
Max CVSS
9.3
EPSS Score
3.47%
Published
2016-05-14
Updated
2023-01-19

CVE-2015-8548

Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.80, allow attackers to cause a denial of service or possibly have other impact via unknown vectors, a different issue than CVE-2015-8478.
Max CVSS
10.0
EPSS Score
0.17%
Published
2015-12-14
Updated
2016-12-07

CVE-2014-1704

Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, as used in Google Chrome before 33.0.1750.149, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
Max CVSS
10.0
EPSS Score
0.55%
Published
2014-03-16
Updated
2017-01-07

CVE-2009-2555

Heap-based buffer overflow in src/jsregexp.cc in Google V8 before 1.1.10.14, as used in Google Chrome before 2.0.172.37, allows remote attackers to execute arbitrary code in the Chrome sandbox via a crafted JavaScript regular expression.
Max CVSS
9.3
EPSS Score
8.60%
Published
2009-07-21
Updated
2017-08-17
9 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close