Total
3652 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2025-0762 | 1 Google | 1 Chrome | 2025-04-21 | N/A | 8.8 HIGH |
Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium) | |||||
CVE-2025-0448 | 1 Google | 1 Chrome | 2025-04-21 | N/A | 4.3 MEDIUM |
Inappropriate implementation in Compositing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | |||||
CVE-2025-0447 | 1 Google | 1 Chrome | 2025-04-21 | N/A | 8.8 HIGH |
Inappropriate implementation in Navigation in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low) | |||||
CVE-2025-0446 | 1 Google | 1 Chrome | 2025-04-21 | N/A | 4.3 MEDIUM |
Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low) | |||||
CVE-2025-0443 | 1 Google | 1 Chrome | 2025-04-21 | N/A | 8.8 HIGH |
Insufficient data validation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2025-0442 | 1 Google | 1 Chrome | 2025-04-21 | N/A | 6.5 MEDIUM |
Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2025-0441 | 1 Google | 1 Chrome | 2025-04-21 | N/A | 6.5 MEDIUM |
Inappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially sensitive information from the system via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2025-0440 | 2 Google, Microsoft | 2 Chrome, Windows | 2025-04-21 | N/A | 6.5 MEDIUM |
Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2025-0439 | 1 Google | 1 Chrome | 2025-04-21 | N/A | 6.5 MEDIUM |
Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2025-0438 | 1 Google | 1 Chrome | 2025-04-21 | N/A | 8.8 HIGH |
Stack buffer overflow in Tracing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2025-3074 | 1 Google | 1 Chrome | 2025-04-21 | N/A | 5.4 MEDIUM |
Inappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | |||||
CVE-2025-3073 | 1 Google | 1 Chrome | 2025-04-21 | N/A | 5.4 MEDIUM |
Inappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | |||||
CVE-2025-3072 | 1 Google | 1 Chrome | 2025-04-21 | N/A | 5.4 MEDIUM |
Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | |||||
CVE-2025-3071 | 1 Google | 1 Chrome | 2025-04-21 | N/A | 5.4 MEDIUM |
Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low) | |||||
CVE-2025-0436 | 1 Google | 1 Chrome | 2025-04-21 | N/A | 8.8 HIGH |
Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2025-0434 | 1 Google | 1 Chrome | 2025-04-21 | N/A | 8.8 HIGH |
Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2025-0435 | 1 Google | 2 Android, Chrome | 2025-04-21 | N/A | 6.5 MEDIUM |
Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2017-5080 | 3 Google, Linux, Microsoft | 3 Chrome, Linux Kernel, Windows | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
A use after free in credit card autofill in Google Chrome prior to 59.0.3071.86 for Linux and Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||||
CVE-2017-5107 | 5 Apple, Google, Linux and 2 more | 7 Macos, Chrome, Linux Kernel and 4 more | 2025-04-20 | 2.6 LOW | 5.3 MEDIUM |
A timing attack in SVG rendering in Google Chrome prior to 60.0.3112.78 for Linux, Windows, and Mac allowed a remote attacker to extract pixel values from a cross-origin page being iframe'd via a crafted HTML page. | |||||
CVE-2017-5090 | 2 Apple, Google | 2 Macos, Chrome | 2025-04-20 | 4.3 MEDIUM | 6.5 MEDIUM |
Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 59.0.3071.115 for Mac allowed a remote attacker to perform domain spoofing via a crafted domain name containing a U+0620 character, aka Apple rdar problem 32458012. |