Every CVE whose affected-product data names Google V8, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (33)
CVE-2014-1704 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Google V8 before 3.23.17.18, as used in Google Chrome before 33.0.1750.149, allow attackers to…
CVE-2015-8548 — CVSS 10.0 (critical): Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.80, allow attackers to cause…
CVE-2016-2843 — CVSS 9.8 (critical): Multiple unspecified vulnerabilities in Google V8 before 4.9.385.26, as used in Google Chrome before 49.0.2623.75, allow attackers to cause…
CVE-2009-2555 — CVSS 9.3 (critical): Heap-based buffer overflow in src/jsregexp.cc in Google V8 before 1.1.10.14, as used in Google Chrome before 2.0.172.37, allows remote…
CVE-2016-5129 — CVSS 8.8 (high): Google V8 before 5.2.361.32, as used in Google Chrome before 52.0.2743.82, does not properly process left-trimmed objects, which allows…
CVE-2016-1669 — CVSS 8.8 (high): The Zone::New function in zone.cc in Google V8 before 5.0.71.47, as used in Google Chrome before 50.0.2661.102, does not properly determine…
CVE-2016-1678 — CVSS 8.8 (high): objects.cc in Google V8 before 5.0.71.32, as used in Google Chrome before 51.0.2704.63, does not properly restrict lazy deoptimization…
CVE-2016-3679 — CVSS 8.8 (high): Multiple unspecified vulnerabilities in Google V8 before 4.9.385.33, as used in Google Chrome before 49.0.2623.108, allow attackers to…
CVE-2016-5128 — CVSS 8.8 (high): objects.cc in Google V8 before 5.2.361.27, as used in Google Chrome before 52.0.2743.82, does not prevent API interceptors from modifying a…
CVE-2013-6638 — CVSS 7.5 (high): Multiple buffer overflows in runtime.cc in Google V8 before 3.22.24.7, as used in Google Chrome before 31.0.1650.63, allow remote attackers…
CVE-2013-6640 — CVSS 7.5 (high): The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before…
CVE-2013-6668 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in Google V8 before 3.24.35.10, as used in Google Chrome before 33.0.1750.146, allow attackers to…
CVE-2012-5128 — CVSS 7.5 (high): Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, does not properly perform write operations, which allows remote…
CVE-2014-3152 — CVSS 7.5 (high): Integer underflow in the LCodeGen::PrepareKeyedOperand function in arm/lithium-codegen-arm.cc in Google V8 before 3.25.28.16, as used in…
CVE-2014-7967 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in Google V8 before 3.28.71.15, as used in Google Chrome before 38.0.2125.101, allow attackers to…
CVE-2015-1242 — CVSS 7.5 (high): The ReduceTransitionElementsKind function in hydrogen-check-elimination.cc in Google V8 before 4.2.77.8, as used in Google Chrome before…
CVE-2015-1346 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in Google V8 before 3.30.33.15, as used in Google Chrome before 40.0.2214.91, allow attackers to cause…
CVE-2015-2238 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in Google V8 before 4.1.0.21, as used in Google Chrome before 41.0.2272.76, allow attackers to cause a…
CVE-2015-3333 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as used in Google Chrome before 42.0.2311.90, allow attackers to cause…
CVE-2015-3910 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in Google V8 before 4.3.61.21, as used in Google Chrome before 43.0.2357.65, allow attackers to cause…
CVE-2015-5380 — CVSS 7.5 (high): The Utf8DecoderBase::WriteUtf16Slow function in unicode-decoder.cc in Google V8, as used in Node.js before 0.12.6, io.js before 1.8.3 and…
CVE-2015-6580 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in Google V8 before 4.5.103.29, as used in Google Chrome before 45.0.2454.85, allow attackers to cause…
CVE-2015-7834 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in Google V8 before 4.6.85.23, as used in Google Chrome before 46.0.2490.71, allow attackers to cause…
CVE-2015-8478 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.73, allow attackers to cause…
CVE-2012-5120 — CVSS 7.5 (high): Google V8 before 3.13.7.5, as used in Google Chrome before 23.0.1271.64, on 64-bit Linux platforms allows remote attackers to cause a…
CVE-2013-6639 — CVSS 7.5 (high): The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22.24.7, as used in Google Chrome before…
CVE-2013-0836 — CVSS 6.8 (medium): Google V8 before 3.14.5.3, as used in Google Chrome before 24.0.1312.52, does not properly implement garbage collection, which allows…
CVE-2011-3886 — CVSS 6.8 (medium): Google V8, as used in Google Chrome before 15.0.874.102, allows remote attackers to cause a denial of service or possibly have unspecified…
CVE-2013-2632 — CVSS 6.8 (medium): Google V8 before 3.17.13, as used in Google Chrome before 27.0.1444.3, allows remote attackers to cause a denial of service (application…
CVE-2016-1677 — CVSS 6.5 (medium): uri.js in Google V8 before 5.1.281.26, as used in Google Chrome before 51.0.2704.63, uses an incorrect array type, which allows remote…
CVE-2016-1688 — CVSS 6.5 (medium): The regexp (aka regular expression) implementation in Google V8 before 5.0.71.40, as used in Google Chrome before 51.0.2704.63, mishandles…
CVE-2011-5037 — CVSS 5.0 (medium): Google V8 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows…
CVE-2013-2838 — CVSS 5.0 (medium): Google V8, as used in Google Chrome before 27.0.1453.93, allows remote attackers to cause a denial of service (out-of-bounds read) via…